Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Mitigating Cyber Risks on AWSBertram Dorn, Specialized Solutions Architect for Security
and Compliance
On demand Pay as you go
Uniform Available
Cloud
Cloud Services
What is AWS?
AWS Global Infrastructure
Application Services
Networking
Deployment & Administration
DatabaseStorageCompute
API
• WebInterface• CLI• SDK• API
Architect
AWS IAM
Resource / ApplicationUser
AmazonS3
AmazonDynamoDB
Amazon API Gateway Amazon
SES
AmazonSQS
Application
API Features• DDoS Protected• MultiAZ• Available• Encryption in
Transport• Authenticated• Logging
Shared Responsibility
Cross-service Controls
Service-specific Controls
Managed by AWS
Managed by Customer
Security of the Cloud
Security in the Cloud
Cloud Service Provider Controls
Optimized Network/OS/App Controls
Request reports at:aws.amazon.com/compliance/#contact
ISO27000
ISO9001
The Paths
CloudData Path Command Path
Application Path
Managed by Customer
Services Command Path
Amazon Macie
Amazon CloudWatch
AWSCloudTrail
AWSConfig
IAMAWSOrganizations
AWS KMS
flow logs
Amazon ESEBSS3SQSWork*SSM
Guard Duty
Services Data Path
AWS Shield
AWS WAF
Elastic Load Balancing*
AWS Direct Connect
Amazon CloudFront
AmazonRoute 53
Amazon Inspector
AWS Certificate Manager
Amazon API Gateway
AWSLambda
virtual private cloud
customer gateway
Internet gateway
VPCpeering
VPN gateway
Amazon EC2 Systems Manager
AWSCloudHSM
Thank you
Related Documents
