Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Security Elevated By Ahmed AbuGharbia

Security Elevated By Ahmed AbuGharbia

Security Elevated
By Ahmed AbuGharbia

AWS MENA Community

September 25, 2020
Tweet

More Decks by AWS MENA Community

Other Decks in Technology

Transcript

  1. ◦ Passionate about security since high school ◦ 12 years

    in Security ◦ “Discovered” the cloud and fell in love! ◦ Managed Security Services, Sirius computer Solutions ◦ A Jiu Jitsu Practitioner ◦ Look me up on Linkedin ▪ https://www.linkedin.com/in/ahmadabugharbieh/ ▪ Email: [email protected] Ahmed Abugharbia
  2. Traditional Security • Network Security • Vulnerability Management • Security

    Operation Centers • Red Team (Penetration Testers) • Applications Security • Governance and Compliance
  3. AWS Cloud • AWS Cloud is just different ◦ Agile

    ◦ Fast ◦ Comprehensive ( So many Services) ◦ Changes often ◦ New Terminology
  4. New concepts • EC2 Instances • S3 Buckets • Containers

    • Lambdas • API Gateways • And much more
  5. So what has changed? Less emphasis on network security •

    Smaller Attack surface • New “types” of infrastructure ◦ API Gateways, S3s, Lambda • Attackers’ focus is shifting
  6. So what has changed? More emphasis on Application Security •

    New attack vectors ◦ AWS Infra related ◦ Applications related
  7. So what has changed? Infrastructure as code • DevOps Integrated

    security (DevSecOps) • Faster Changes • Easier to Audit?
  8. Approaching Cloud Security Incident Handling • IH Plan ◦ Detect

    Incidents ◦ Respond to Incident • IH as Code
  9. Utilize Native Services • IAM • KMS • GuardDuty •

    Cognito • WAf & Shield • Security Hub
  10. Utilize Third party tools • Cloud Custodian ◦ https://cloudcustodian.io/ •

    Security Monkey ◦ https://github.com/Netflix/se curity_monkey • A Secure Cloud ◦ https://asecure.cloud/
  11. Summary • Everything is faster as code • Cloud Elevated

    Development • With that, Security was Elevated