A talk by Luis Pastor (AWS)
Notes
- Clients want their security posture to be more focused on innovation; older security practice was more about ‘No’, and we are moving to a new mentality of innovation
- No client thinks they have the right-size team; cyber teams are always very small
- Customers see the growing pains of expanding to cloud
- We have to implement a lot of automation for larger environments
- We require end-to-end security
- Shared Responsibility Model
- AWS believes in security by design. Any new service must be secure
- Oftentimes we work with compliance frameworks across the globe
- Security by design from the silicon level
- AWS Nitro
- AWS processes over 1 trillion requests a day
- Analyzes 1m domains a day
- Amazon GuardDuty
- 2.7 scans to probe open AWS S3 buckets
- ACL is still important
- AWS Shield
- IAM issues include:
- Remote work: we need to be able to have VPN
- Growth of customer-facing applications that require customers to log in and have the right permissions
- IAM is a top priority for compliance requirements
- AWS Cognito
- 4 Data protection requirements:
- Encryption at Rest, Backups and integrity or a Write Once Read Many Model
- Encryption in Transit
- Encrypted application secrets
- AWS Key Management Service
- AWS Firewall Manager is a centralized tool used to manage network security
- Amazon GuardDuty
- Amazon Security Lake
- Generative AI used for the menial work
- Defense In Depth
- Policies, procedures and awareness
- IAM
- Threat detection and IR
- Infrastructure protection
- Defense In Depth
- GenAI is often used as an assistant for developing code, finding threats
- Amazon Detective
- Amazon Inspector
- Amazon Macie
- If you are making a tool that is like a security assistant, focus on the architecture your environment is using, and on what sort of attackers are known and what will be exploited