Security MicroSummit Aug 03, 2017
Agenda
PROPRIETARY AND CONFIDENTIAL INFORMATION OF STACKARMOR 2
1. 8:00 – 8:30 AM: Introductions and Networking
2. 8:30 – 9:00 AM: Building an AWS Environment for FISMA, FedRAMP, HIPAA, FFIEC or PCI compliance
3. 9:00 – 9:30 AM: How to select a Next Generation Firewall Solution – Ed Caswell, Cloud Consulting Engineer at Palo Alto Networks
4. 9:30 – 10:00 AM: Securing the AWS Environment with IPS & Monitoring – Larry Kovalsky, Director, Federal Sales Engineering, McAfee
5. 10:00 – 10:30 AM: Deep Packet Inspection on AWS – Shivank Dua, Director, Security Systems Development at NIKSUN
6. 10:30 – 11:00 AM: How to build a SOC/NOC and gather Operational Intelligence with Splunk ES and SplunkCloud
7. 11:00 – 11:30 AM: Wind-up and Networking
About stackArmor
1 of 10 firms globally with new AWS Security Competency
Advanced AWS Partner with Certifications in GovCloud, Public Sector and Big Data Competencies
Global public sector customer base at the Federal, State and Local Government level
Fortune 500 Commercial clients with strong focus on security and automation
We are a cloud strategy, migration services and cybersecurity & managed operations provider with certified competencies in AWS GovCloud, Public Sector and Regulated Industries.
Global Customer Base and Delivery Model
Cloud Migration | Cloud Security & Compliance | Cloud Management
AWS, Security and Compliance
Cloud Solutions Architect and Technology Strategist
• Focused on full-stack security and operations management
• Cloud automation and business process acceleration
• Cybersecurity Policies, Procedures and Tactics
Supported the first AWS cloud migration in 2009 for Recovery.gov and have successfully led multiple large enterprise cloud modernization programs in regulated industries, Financial Services and Healthcare.
GP, CEO and Founder
www.stackArmor.com
@cloudpalgp
https://www.linkedin.com/in/[email protected]
Building a compliant AWS solution?
1. Select eligible services
Being compliant means limiting your selection to specific services within the scope of the compliance framework.
Your best friend: https://aws.amazon.com/compliance/services-in-scope/
Building a compliant AWS solution?
2. Architect for Compliance
• Firewall
• Logging & Monitoring
• Centralized Identity Management
• Vulnerability Scanning and Patching
• Data Protection and Encryption
Building a compliant AWS solution?
3. Generate the compliance artifacts
Document: Basic Security Policy
Description: A basic set of high-level security policies that allow the client to state that they have a security policy in place, which can serve as an initial baseline.

Document: Assessment Plan
Description: A checklist security assessment, essentially a self-assessment with questions asked by an experienced Information Assurance Analyst to demonstrate understanding and maturity of the cybersecurity posture.

Document: High Level Security Assessment Report
Description: A Security Assessment Report (SAR) that summarizes the scope, approach, high-level findings and recommendations. The high-level recommendations cover any security controls found to be “not in place” and include a description of the actions necessary to show that the security control is “in place”.

Document: Vulnerability and Penetration Testing
Description: Automated scans with basic parameters, with the autogenerated reports provided. This effort could be performed by an independent third party, and the scope of the testing can vary. A final step of remediation and re-testing is normally required.

Document: Letter of Attestation
Description: An executive summary of the assessment signed by an experienced and certified Cybersecurity Specialist. The letter attests to the overall level of risk (Low, Moderate, High) based on the security controls found to be “not in place”, and includes a reference to the methodology used to categorize the system being assessed and the selection of security controls assessed.
Hmm…
Recent AWS and Security Trends
Serverless/MicroServices Architectures
Major Serverless architecture building blocks are now compliant, including:
• API Gateway (PCI, HIPAA)
• AWS Cognito (PCI, HIPAA)
• AWS Lambda (PCI)
• AWS DynamoDB (PCI, HIPAA, FedRAMP)
• AWS EC2 Container Service (PCI, HIPAA)
AWS HIPAA Program Update – Dedicated Instances and Hosts Are No Longer Required
Top Security “Boo boos”
Common poor security mistakes, each with a comment on the fix:
1. Creating unnecessary access and secret keys for IAM users. Console users don’t need keys.
2. Using developer keys instead of instance roles for accessing instances. Use IAM roles, which provide temporary credentials, to separate access to AWS resources.
3. Wide open inbound rules in security groups. Restrict entry to specific ports and IP addresses as required.
4. Lack of restrictions on production instances, so that any user can perform actions on them. Provision IAM roles that allow for separation of duties.
5. Poor segmentation and zoning of application and data components through the use of public and private subnets. Proper zoning through subnets allows for segregating netflow and blackholing requests in the event of an attack.
6. Lack of boundary protection (IDS, IPS, VPN). Consider using WAF, IPS/IDS and VPN solutions.
7. Inconsistent patch management and vulnerability scanning. Create an information security policy with a patching schedule that defines roles, responsibilities and reporting.
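Items 1 and 3 above are the kind of misconfiguration that is easy to check mechanically. The script below is an added example, not code from the stackArmor deck: it audits a list of security groups for inbound rules reachable from any address and a list of IAM users who have both console login and access keys. The input dictionaries mimic the shape returned by boto3's describe_security_groups() for security groups, while the IAM user records use a simplified constructed shape (the HasConsoleLogin flag stands in for a per-user get_login_profile() lookup); all data is constructed inline so the script runs offline.

```python
"""Audit constructed AWS data for two of the "boo boos" above:
 - security-group inbound rules open to the whole internet (item 3)
 - console users that also hold long-lived access keys (item 1)
Added example, not part of the original deck. All sample data is constructed.
"""
from ipaddress import ip_network

# Constructed sample: one group with world-open rules, one correctly scoped.
SAMPLE_SECURITY_GROUPS = [
    {
        "GroupId": "sg-0aaa",
        "GroupName": "web-open",
        "IpPermissions": [
            # SSH from anywhere over IPv4
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
            # every protocol and port from anywhere over IPv6
            {"IpProtocol": "-1",
             "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        ],
    },
    {
        "GroupId": "sg-0bbb",
        "GroupName": "web-scoped",
        "IpPermissions": [
            # HTTPS restricted to one documentation-range /24 (RFC 5737)
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        ],
    },
]

# Constructed sample of IAM users; key ids are placeholders, not real keys.
SAMPLE_IAM_USERS = [
    {"UserName": "alice", "HasConsoleLogin": True,
     "AccessKeyIds": ["AKIA-CONSTRUCTED-1"]},
    {"UserName": "bob", "HasConsoleLogin": True, "AccessKeyIds": []},
    {"UserName": "ci-deploy", "HasConsoleLogin": False,
     "AccessKeyIds": ["AKIA-CONSTRUCTED-2"]},
]


def open_inbound_rules(security_groups):
    """Return (group_id, description) for every inbound rule whose source
    is the entire IPv4 or IPv6 address space (prefix length 0)."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            world = [c for c in sources
                     if ip_network(c, strict=False).prefixlen == 0]
            if not world:
                continue
            proto = perm.get("IpProtocol", "-1")
            if proto == "-1":  # AWS uses "-1" for "all protocols/ports"
                ports = "all ports"
            else:
                ports = f"{proto}/{perm.get('FromPort')}-{perm.get('ToPort')}"
            findings.append((sg["GroupId"],
                             f"{ports} open to {', '.join(world)}"))
    return findings


def console_users_with_keys(users):
    """Return names of users who can log in to the console and also hold
    access keys; per item 1 above, console users don't need keys."""
    return [u["UserName"] for u in users
            if u["HasConsoleLogin"] and u["AccessKeyIds"]]


if __name__ == "__main__":
    for group_id, what in open_inbound_rules(SAMPLE_SECURITY_GROUPS):
        print(f"[security group] {group_id}: {what}")
    for name in console_users_with_keys(SAMPLE_IAM_USERS):
        print(f"[iam] console user {name} also has access keys")
```

To run this against a real account, replace the constructed lists with the output of describe_security_groups() and a per-user pass over list_access_keys() and get_login_profile(); the two audit functions need no changes. The prefix-length check deliberately flags only 0.0.0.0/0 and ::/0, so a deployment that wants a stricter threshold (for example, anything broader than a /16) would compare against that value instead.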
Special Offer for Attendees
$100 in AWS Marketplace credits for any attendee of the AWS Security MicroSummit
$1,000 in AWS Marketplace credits for a specific POC or Pilot
$5,000 in AWS credits for a specific POC or Pilot or new initiative
Questions?
Gaurav “GP” Pal
Founder
www.stackArmor.com
Tel: (571) 271 4396
Email: [email protected]