AWS Security meetup: How to implement top 10 aws security best practices
SANS AWS InSecurity Summit - SANS Cyber Security ... · Part 1 ~ AWS Security Fundamentals,...
SANS AWS InSecurity Summit, Washington DC, June 8, 2018
Today’s Agenda
● The State of AWS Cloud Security / Top 10 Problems
  ○ Ben Hagen
● Morning Presentations
  ○ Will Bengston ~ Netflix
  ○ Steve Woodrow ~ Lyft
  ○ Mark Hillick ~ Riot Games
  ○ Thomas Vachon ~ Harvard University
● Afternoon Training
  ○ Part 1 ~ AWS Security Fundamentals, Bringing it all together
  ○ Part 2 ~ Programmatic AWS / Lambda / Events
The State of Cloud Security
A well-architected & instrumented AWS environment is more secure than its counterpart in a datacenter.(*)
(*) but only if you know what you’re doing.
Meaning ... the state of cloud security SHOULD BE BETTER
Top 10 AWS Security Risks
1. Insecure use of developer credentials
2. Publicly accessible S3 buckets
3. Improper use of default configurations
4. Access controls do not follow principles of least privilege
5. Misconfigured network constructs
6. Lack of appropriate logging and monitoring
7. Lack of inventory management
8. Domain hijacking
9. Lack of a disaster recovery plan
10. Manual account configuration
Bonus! http://169.254.169.254/latest/meta-data/iam/security-credentials/
To sum things up ...
● We’ve covered 10 common mistakes organizations make ... there are more
● But the opportunities and advantages of public cloud environments can be worth it
● As security professionals we must understand the technology and environment we are securing
● In the case of AWS this translates to a fundamental understanding of how AWS works and how you can instrument and manage not only the security features of your account, but the account itself towards your organization’s security goals
Thank you!