-
Introduction
Security Challenges
Shared Responsibility
Security of the cloud
Security Services in AWS
AWS Security Frameworks
How to prioritize
Evolutive Path
1.
Quick Wins
Assign security contacts
Select the regions & block the rest
Evaluate Cloud Security Posture
Multi-Factor Authentication
Root Protection
Identity Federation
Cleanup unintended access
Detect Common Threats
Audit API calls
Billing alarms
Close risky open admin ports
Block Public Access
Analyze data security posture
Act on Critical Findings
WAF with managed rules
Evaluate Resilience
2.
Foundational
Sec & Regulatory requirements
Cloud Security Training Plan
Inventory & Configurations Monitoring
GuardRails - Org policies SCPs/RCPs
Use Temporary Credentials
IMDS v2
Advanced Threat Detection
Infrastructure vulnerabilities
Application Vulnerabilities
Limit Network Access
Secure EC2 Instances Management
Network segmentation (VPCs)
Multi-account management
Data Encryption at rest
Data Backups
Discover sensitive data
Security in Development
No secrets in code
Define incident response playbooks
Use multiple Availability Zones
3.
Efficient
Design your secure architecture
Use infrastructure as code
Tagging Strategy
Create your compliance reports
Least Privilege Review
CIAM: security of your customers
Custom Threat Detection - SIEM/Lake
Security Champions Program
DevSecOps: Security in the Pipeline
Golden Image Pipeline
Anti-Malware / EDR / RP
Outbound Traffic Control
Encryption in transit
Threat Modeling
Adv. WAF with Custom Rules
DDoS Mitigation (Layer 7)
Run TableTop exercises
Automate critical playbooks
Investigations - Root cause analysis
Disaster Recovery Plan
4.
Optimized
Sharing security tasks (RACI)
Automate evidence gathering
IAM Data Perimeters
IAM Pipeline
Temporary Elevated Access
Threat Intelligence
VPC Flow Logs Analysis
Vulnerability Management Team
Zero Trust Access
Using abstract services
GenAI Data protection
Red Team
Blue Team
Advanced Automations
Security Orchestration & Ticketing
Automate deviation correction
Disaster Recovery Automation
Chaos Engineering
--
Maturity Model
-
Events calendar
-
Webinars
-
Assessment Tools
-
Whitepapers, FAQ, others
Frequently Asked Questions
AWS Security Documentation
AWS Security Whitepapers
Free security services
-
Contact
-
Financial Services
Amazon Fraud Detector
PCI Compliance
Payment Cryptography
-
Survey
Clear History
© 2024 Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Home
>
Introduction
> Security Challenges
Security Challenges
Your browser does not support the video tag.