Upload
amazon-web-services
View
162
Download
4
Embed Size (px)
Citation preview
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Mitigating Cyber Risks on AWSBertram Dorn, Specialized Solutions Architect for Security
and Compliance
What is AWS?
AWS Global Infrastructure
Application Services
Networking
Deployment & Administration
DatabaseStorageCompute
API
• WebInterface• CLI• SDK• API
Architect
AWS IAM
Resource / ApplicationUser
AmazonS3
AmazonDynamoDB
Amazon API Gateway Amazon
SES
AmazonSQS
Application
API Features• DDoS Protected• MultiAZ• Available• Encryption in
Transport• Authenticated• Logging
Shared Responsibility
Cross-service Controls
Service-specific Controls
Managed by AWS
Managed by Customer
Security of the Cloud
Security in the Cloud
Cloud Service Provider Controls
Optimized Network/OS/App Controls
Request reports at:aws.amazon.com/compliance/#contact
ISO27000
ISO9001
Services Command Path
Amazon Macie
Amazon CloudWatch
AWSCloudTrail
AWSConfig
IAMAWSOrganizations
AWS KMS
flow logs
Amazon ESEBSS3SQSWork*SSM
Guard Duty
Services Data Path
AWS Shield
AWS WAF
Elastic Load Balancing*
AWS Direct Connect
Amazon CloudFront
AmazonRoute 53
Amazon Inspector
AWS Certificate Manager
Amazon API Gateway
AWSLambda
virtual private cloud
customer gateway
Internet gateway
VPCpeering
VPN gateway
Amazon EC2 Systems Manager
AWSCloudHSM