Integrated Security & Operations for Scaling Securely in AWS
-
Upload
amazon-web-services -
Category
Presentations & Public Speaking
-
view
419 -
download
0
Transcript of Integrated Security & Operations for Scaling Securely in AWS
AWS Security Customer Presentation:
Integrated Security & Operations for Scaling Securely in AWS
• Security for Software Defined World
• Threat Stack Cloud Security Platform• DevOps and Security Worlds
• Threat Stack Customer Success Stories
Agenda
Threat Stack Team
Vikram VarakantamDirector, Products and Customer Development
Background:
Vikram Varakantam is Director, Products and Customer Development at Threat Stack
Vikram is a long time veteran of security products domain with Senior Product Management roles managing IPS, Fireall and Security Services products at Cisco Systems Inc.
Software Defined Infrastructure The Shifting Paradigm
Security for Software Defined World ?
Devops and Sec image, courtesy of @petecheslock #devopsdays
Worlds of DevOps and Security
• Culture, Collaboration• Continuous Operations at Scale• Repeatability, Scale and
Automation, API• Well Known Orchestrated
Baselines • KISS Principles• Tight Feedback Loops
• Continuous Risk Management• Information sharing on as
needed basis• Solutions for specific domain
functions• Compliance and Reporting• Industry Benchmarks and
Compliance Policies (CIS, PCI, NIST)
DevOps
Philosophy & Tooling
Feedback & Hygiene
Traditional Security
Security Must Evolve With You
Deploy Operate Investigate
CLOUD SECURITY PLATFORM FOR START-UPS, HIGH GROWTH & ENTERPRISE Modern Infrastructure Requires Modern Security.
Vulnerability Management
Threat Intelligence
Compliance Reporting
Infrastructure Monitoring
Workload
Insights
Cloud Native. Platform Independent. Fully Integrated.
INCREASE VELOCITY OF YOUR SECURITY OPERATIONS
Time to detection: Go from 4 hrs to 4 minutes
GAIN COMPLETE VISIBILITY INTO BEHAVIOR
Know Who, What, Where, When across your entire environment
CONTINUOUS SECURITY MONITORING & VISIBILITY, IN ONE PLACE
No need to chase down fragmented data points from multiple tools
ASSURE COMPLIANCE FOR YOU & YOUR CUSTOMERS
Automatically implement effective controls, policies & procedures to protect data and meet compliance
Why Threat Stack?
v
v
Some of our Trusted Customers
Threat Stack Customer Story:
Ilya KalininSenior DevOps Engineer
Background:
IIya Kalinin is a Senior DevOps Engineer at AdRoll, #1 retargeting Adtech platform.
IIya is a leading DevOps practitioner involved in large scale Infrastructure Management automation projects leveraging tools as Jenkins, Docker, Ansible, Terraform, AWS.
AdRoll Infrastructure Overview
• Highly Elastic Infrastructure with 1000-1500 Instances
• Distributed Development teams with multiple configuration management toolsTerraform, Ansible, Puppet...
• System Components are treated as Separate Services from a operations point of view
• Developers need continuous access to troubleshoot, support their own services in production
• SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity
• Every service is using an AMI pre-approved by SRE team to baseline deployments
Key Use Cases for Cloud Security
Get Visibility
Trust But Verify
Enforce Rules-based
Behavior
• Developers need continuous access to troubleshoot, support their own services in production
• SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity
• Integrating Security across multiple Services across the AdRoll Infrastructure
• Enforcing Security Policy at Scale
• Integrating Security into Existing Engineering Practices without any disruption
Threat Stack Workflow
• Threat Stack Agent Integrated into AMI images pre-approved by SRE with various deployment automation tools for coverage across all Services.
• Security Monitoring on per service basis using custom ruleset to baseline each service behaviors.
• Initial challenges in adopting Threat Stack is deriving per service baselines and an initial rule set.
• Daily and weekly alert review, create suppression rules for new or changed baselines creation advice: better let some noise come through than miss something important.
Ilya’s Cloud Security Advice…
Be PatientCloud Security is important and important things take time to get right.
Build vs. BuyDo the calculations – you might be surprised by the cost of building…
Ask for HelpThreat Stack cloud security experts are always available to help; you don’t have to know all of the answers
Threat Stack Customer Story:
Anshu GuptaDirector of Information Security
Background:
Anshu Gupta is the Director of Information Security at HelloSign, a leading eSignature company.
Anshu is a long time security practitioner, having served as a trusted advisor on information security issues to Fortune 500 companies at Ernst & Young and KPMG and recently in senior security management roles at Esurance and Coupa Software.
Infrastructure Overview
• Highly orchestrated Dynamic Infrastructure with sophisticated Operations and Security Teams
• Infrastructure, tools and operational models designed to support rapid company growth
• Tight collaboration between DevOps and Security teams to manage Risk and Compliance Objectives
Key Use Cases for Cloud Security
ComplianceDerivatives
• Security as an accelerator for Business growth in partnership with Developers and Operations team
• Security tools designed for DevOps workflow and scale to known mature Security Functions (File Integrity Monitoring, Vulnerability Management)
• Enforcing Security Policy at Scale as business grows
• Support Compliance objectives with least overhead
• Augment Security mindshare through engagement model.
IntegratedSecurity
Multiple Security Functions
HelloSign : Why Threat Stack?
• Cloud native platform preferred by our DevOps team
• Threat Stack Team - engineering company with a solid product
• Exceptional support with service centric mindset
• Greater visibility into our environment using a single tool
Anshu’s Cloud Security Advice…
Modern ApproachCloud Security requires a new approach that fits well with the dynamic world
Security and ComplianceCombine functions – you might be surprised how both these worlds are so closer in the new world
Demand more..Threat Stack Cloud Security as an extended resource to augment Security mindshare.
Start Securing Your AWS Infrastructure
Next Steps and Trial Offer
Start continuously monitoring your AWS environment today with Threat Stack
We can help with every step along your cloud security journey!http://get.threatstack.com/aws-security-week
AWS Security Week Workshop
Integrated Security & O
Pete CheslockHead of Ops & Support@petecheslock
Tim ArmstrongProduct Marketing Manager@_timarmstrong
Continuous AWS Security Monitoring Platform