Automated Security Remediation

Description
Security issues in your environment need to be identified and corrected faster than ever. AWS makes this easier with increased visibility and automated remediation capabilities. Australia Post will show you how they built an effective automated remediation pipeline that took the potential for human error out of the equation. Presenters: Michael Stringer, Solutions Architect, AWS; Jason Gorringe, Manager Cloud Services, Australia Post; Ahmed Al-Anim, Cloud Security Specialist, Australia Post.
Transcript
  • 1. PUBLIC SECTOR SUMMIT Canberra, ACT
  • 2. Automated Security Remediation. Michael Stringer, Solutions Architect, AWS; Jason Gorringe, Manager Virtualisation and Cloud Services, Australia Post; Ahmed Al-Anim, Cloud Security Specialist, Australia Post. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 3. What if I told you… automatically?
  • 4. We need to ask some questions about your security…
  • 5. Why is security incident response so hard?
      • Low degree of automation
      • Lack of visibility
  • 6. Why is security incident detection so challenging?
      • Skills shortage
      • Signal-to-noise
      • Large datasets
  • 7. Why do I need guardrails in my AWS Accounts? As your business builds and scales on AWS, you need your security to keep pace with your agility
  • 8. Why do I need to build automation?
  • 9. Keep humans away from your security and scaling
  • 10. Benefits of Automating your Security Remediation
      • Automation removes the potential for human error.
      • It works around the clock, and on weekends and holidays.
      • Automation enables a self-healing environment.
      • Multiple incidents can be responded to in parallel.
      • It allows InfoSec and other teams to better utilise their time for high-level security tasks.
      • All easily built and scaled using the power of AWS.
  • 11. Build repeatable Serverless Automation Patterns [diagram labels: Events, Remediation, Notifiers; Amazon Web Services (AWS), Other log sources, Amazon CloudWatch events, AWS Lambda, Amazon Simple Notification Service (Amazon SNS)]
  • 12. Automate with integrated services [diagram labels: Amazon GuardDuty, Amazon CloudWatch, CloudWatch event, AWS Lambda, Lambda function; CloudWatch events, Lambda]
  • 13. But enough of the 'Why?' Now for a real-world example of how?
  • 14. About Australia Post
      • Self-funded government business
      • Over 70,000 employees in our extended workforce
      • Australia's largest retail network with 4,356 post offices
      • Deliver to 11.9 million addresses
      • Deliver more than 1.3 million parcels across Australia every day
  • 15. We AWS
  • 16. How we build
      • Agile methodology, iterative development practices
      • Hundreds of developers
      • Continuous integration and delivery with 8 – 12 production deployments per day
      • Co-located teams – developers, business analysts, PMs, business stakeholders, and security
      • Literally hundreds of AWS configuration changes every single day
  • 17. So how do we scale security?
  • 18. The Problem(s)
      • Step 1: Detect. How can we detect specific events of interest, such as key configuration changes in AWS?
      • Step 2: Assess. How can we assess selected assets against known security baseline policies?
      • Step 3: Remediate. How can we treat identified deviations from security policy?
      • Step 4: Notify. How do we notify the affected people and maintain traceability?
  • 19. Detect: Examples
      • AWS CloudTrail configuration changes
      • Route table changes
      • RDS encryption enabled
      • Security group ingress rules
  • 20.
  • 21. The Solution [diagram labels: Detect, Assess, Remediate, Notify; Ticket raised and assigned; Message sent]
  • 22. Outcomes: improved reduction in time transparency low operating costs
  • 23. Challenges
      • Stakeholder communication and management
      • Scalability of developer education program
      • Ability to influence upstream changes
      • Established and mature security baselines
  • 24. Call To Action
      • Try sending the output of AWS monitoring and security services into the same serverless pattern you have seen here today
      • Look for AWS security blog posts and quick starts for more information on building automated security remediation
      • Adopt automated security remediation as part of your workflow
      • Go build and let us know what you come up with
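
The detect, assess, remediate, notify steps from slides 18 to 21, applied to the "security group ingress rules" case from slide 19, as an added example; this is not code from the presentation, AWS or Australia Post. Assumptions: the baseline (no world-open access to ports 22 and 3389), the sample event and all identifiers in it are constructed, and the EC2 and SNS clients are passed in so the logic runs offline.

```python
import json

ADMIN_PORTS = {22, 3389}            # assumed baseline, not Australia Post's policy
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
RANGE_KEYS = (("ipRanges", "cidrIp", "IpRanges", "CidrIp"),
              ("ipv6Ranges", "cidrIpv6", "Ipv6Ranges", "CidrIpv6"))
# Constructed sample: CloudWatch Events envelope around a CloudTrail record.
SAMPLE_EVENT = {"detail-type": "AWS API Call via CloudTrail", "source": "aws.ec2", "detail": {
    "eventName": "AuthorizeSecurityGroupIngress",
    "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"},
    "requestParameters": {"groupId": "sg-0123456789abcdef0", "ipPermissions": {"items": [
        {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
         "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}, {"cidrIp": "10.0.0.0/8"}]}},
        {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
         "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}}]}}}}

def assess(event):
    """Detect + assess: return (group_id, rules that breach the baseline)."""
    detail = event.get("detail") or {}
    if detail.get("eventName") != "AuthorizeSecurityGroupIngress":
        return None, []
    params = detail.get("requestParameters") or {}
    bad = []
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        proto, lo, hi = perm.get("ipProtocol"), perm.get("fromPort"), perm.get("toPort")
        if proto == "-1":                          # all protocols, all ports
            base = {"IpProtocol": proto}
        elif proto in ("tcp", "udp") and None not in (lo, hi) \
                and any(lo <= p <= hi for p in ADMIN_PORTS):
            base = {"IpProtocol": proto, "FromPort": lo, "ToPort": hi}
        else:
            continue                               # rule does not expose an admin port
        for src, src_cidr, dst, dst_cidr in RANGE_KEYS:
            for rng in (perm.get(src) or {}).get("items", []):
                if rng.get(src_cidr) in OPEN_CIDRS:    # revoke only the world-open CIDR
                    bad.append({**base, dst: [{dst_cidr: rng[src_cidr]}]})
    return params.get("groupId"), bad

def handler(event, ec2, sns, topic_arn):
    """Remediate + notify; ec2 and sns are boto3 clients or test doubles."""
    group_id, bad = assess(event)
    if not group_id or not bad:
        return {"action": "none"}
    ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=bad)
    actor = event["detail"].get("userIdentity", {}).get("arn", "unknown")
    sns.publish(TopicArn=topic_arn, Subject="Security group rule auto-revoked",
                Message=json.dumps({"groupId": group_id, "actor": actor, "revoked": bad}))
    return {"action": "revoked", "groupId": group_id, "revoked": bad}
```

In a Lambda deployment the clients would be `boto3.client("ec2")` and `boto3.client("sns")`, and the function's role needs only `ec2:RevokeSecurityGroupIngress` and `sns:Publish`. The revoke call itself is logged as `RevokeSecurityGroupIngress`, so it does not re-trigger this handler.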