Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Amazon inspector で自動セキュリティ診断 / Automatic secur...
Search
Ryo Shibayama
November 20, 2016
Technology
0
66
Amazon inspector で自動セキュリティ診断 / Automatic security diagnostics with Amazon inspector
Ryo Shibayama
November 20, 2016
Tweet
Share
More Decks by Ryo Shibayama
See All by Ryo Shibayama
技術広報の集い #3 Lightning Talk - LayerX
serima
0
370
採用は全員で | Chuo TECH #1
serima
4
1.4k
高専 5 年時に 7 泊 8 日の合宿型ビジコンに参加したら人生が変わった
serima
0
420
カジュアル面談を通して “自社”のことを知る
serima
0
250
倒れても進捗 / Progress even if I fall
serima
1
760
CircleCI 導入への入門 / Introduction to CircleCI
serima
0
87
GameWithを支えるインフラ基盤 - スケールイン・アウト戦略編 / GameWith infrastructure - Scale in and out strategy
serima
0
50
エンジニア採用と PHP / Engineer Recruitment and PHP
serima
0
80
できることから始める OSS Contribution / Start OSS Contribution With What You Know
serima
1
200
Other Decks in Technology
See All in Technology
Why Platform Engineering? - マルチプロダクト・少人数 SRE の壁を越える挑戦 -
nulabinc
PRO
5
450
とあるEdTechベンチャーのシステム構成こだわりN選 / edtech-system
gotok365
5
340
AWSを利用する上で知っておきたい名前解決の話
nagisa53
6
820
Azure × MCP 入門
ry0y4n
8
1.8k
250510 StepFunctionのテスト自動化始めました vol.1
east_takumi
1
230
Serverlessだからこそコードと設計にはこだわろう
kenichirokimura
3
1.1k
dbtとリバースETLでデータ連携の複雑さに立ち向かう
morookacube
0
860
Асинхронная коммуникация в Go: от понятного к душному. Дима Некрасов, Otello, 2ГИС
lamodatech
0
2.1k
AI 코딩 에이전트 더 똑똑하게 쓰기
nacyot
0
560
激動の一年を通じて見えてきた「技術でリードする」ということ
ktr_0731
7
6.5k
TanStack Start 技術選定の裏側 / Findy-Lunch-LT-TanStack-Start
iktakahiro
1
140
LINE 購物幕後推手
line_developers_tw
PRO
0
560
Featured
See All Featured
Mobile First: as difficult as doing things right
swwweet
223
9.6k
YesSQL, Process and Tooling at Scale
rocio
172
14k
Speed Design
sergeychernyshev
29
940
The Invisible Side of Design
smashingmag
299
50k
Rebuilding a faster, lazier Slack
samanthasiow
81
9k
Optimising Largest Contentful Paint
csswizardry
37
3.2k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.7k
Producing Creativity
orderedlist
PRO
344
40k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
32
2.3k
Building Adaptive Systems
keathley
41
2.5k
Code Reviewing Like a Champion
maltzj
523
40k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
13
840
Transcript
Amazon Inspector Ͱ ࣗಈηΩϡϦςΟஅ גࣜձࣾβούϥε @serima / ࣲࢁ ྮ
ࣗݾհ • ىۀˠ·͙·͙ˠάϦʔˠβούϥε • βούϥεೖࣾ 1 ܦͬͨ • αʔόαΠυΤϯδχΞ •
Πϯϑϥ͍ͬͯ·͢
Rint
AWS ͬͯ·͢ • βούϥεͰɺҰ෦αʔϏεͰ AWS Λར༻ • EC2/ELB/Route 53/S3/RDS/ElastiCache
• ελϯμʔυͳߏ
੬ऑੑ ಡΊͳ͍
੬ऑੑ • γεςϜͷ҆શ্ͷܽؕ • ηΩϡϦςΟϗʔϧ • ์͓ͬͯ͘ͱɺ͜ΕΛಥ͔ΕͯඃΛड͚Δ Մೳੑ͕͋Δ
ຖिͷΑ͏ʹݟ͔ͭΔ੬ऑੑ
ใݯ • JPCERT • IPA • Wordpress ެࣜαΠτ • PHP
ެࣜαΠτ • ଞʹ͍Ζ͍Ζ…
None
CVE • Common Vulnerabilities and Exposures • ڞ௨੬ऑੑࣝผࢠ • ถࠃͷMITRE͕ࣾఏڙ͍ͯ͠Δ੬ऑੑใ
σʔλϕʔε • CVE-ID ҰҙʹৼΒΕɺੈքڞ௨
ηΩϡϦςΟνΣοΫɺ ͯ͠·͔͢ʁ
Amazon Inspector • 20165݄ʹҰൠར༻։࢝ • EC2 Πϯελϯεͷ੬ऑੑΛݕͯ͘͠ΕΔ αʔϏε
None
None
ԿͷνΣοΫ͕Ͱ͖Δͷ͔ • Common Vulnerabilities and Exposures • CIS Operating System
Security Configuration Benchmarks • Security Best Practices • Runtime Behavior Analysis
खॱ • Inspector ༻ͷϩʔϧΛ࡞͢Δ • ରͱ͢Δ EC2 ΠϯελϯεʹλάΛઃఆ • σʔϞϯΛΠϯετʔϧ
• ධՁςϯϓϨʔτͷ࡞ • Ͳͷλά͕͍ͭͨΠϯελϯεʹ͍࣮ͭͯߦ͢Δͷ͔ • ԿͷηΩϡϦςΟνΣοΫΛߦ͏ͷ͔ • ࣮ߦ
None
$ curl -O https:// d1wk0tztpsntt1.cloudfront. net/linux/latest/install $ sudo bash install
None
ࢼݧ༻ʹ OpenSSL ͷ όʔδϣϯ͕গ͠ݹ͍ ΠϯελϯεΛ༻ҙ
None
݁Ռ
ͦΕͧΕʹ͍ͭͯৄࡉઆ໌ͱରॲ๏͕ࢀরͰ͖Δ
Ϧϕϯδ ͱΓ͋͑ͣॏཁ High ͷͷͳ͘ͳͬͨ
֦͕Γͱͯ͠ • Amazon SNS ରԠ͍ͯ͠ΔͷͰɺྃ࣌ʹ Slack ͳͲʹ௨ • ͪΖΜ SDK
ެ։͞Ε͍ͯΔͷͰɺఆظత ʹࣗಈ࣮ߦͤ͞Δ͜ͱՄೳ ʢࠓͷͱ͜Ζίϯιʔϧ͔ΒͰ͖Δػೳͳ ͛͞ʣ
҆৺ɾ҆શͳ։ൃΛ • ͱ͍͑ɺ͜Ε͚ͩͰෆे • ੬ऑੑʹରͯ͠ɺҰఆͷอݥΛ͔͚Δ • χϡʔεΛνΣοΫͯ͠ɺదͳରԠΛʂ
serima
nulabinc
gotok365
nagisa53
ry0y4n
east_takumi
kenichirokimura
morookacube
lamodatech
nacyot
ktr_0731
iktakahiro
line_developers_tw
swwweet
rocio
sergeychernyshev
smashingmag
samanthasiow
csswizardry
zakiyama
orderedlist
jcasabona
keathley
maltzj
