Podcasts about amazon guardduty

  • 17PODCASTS
  • 32EPISODES
  • 35mAVG DURATION
  • ?INFREQUENT EPISODES
  • May 22, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about amazon guardduty

Latest podcast episodes about amazon guardduty

Eye On A.I.
#256 Stephen Schmidt: Inside Amazon's AI-Powered Cybersecurity Strategy

Eye On A.I.

Play Episode Listen Later May 22, 2025 53:35


Can Generative AI Be Secured? Amazon's Chief Security Officer Weighs In   In this episode of Eye on AI, Amazon's Chief Security Officer Stephen Schmidt pulls back the curtain on how Amazon is using AI-powered cybersecurity to defend against real-world threats. From global honeypots to intelligent alarm systems and secure AI agent networks, Steve shares never-before-heard details on how Amazon is protecting both its infrastructure and your data in the age of generative AI.   We dive deep into: Amazon's MadPot honeypot network and how it tracks adversaries in 90 seconds The role of AI in threat detection, alarm triage, and code validation Why open-source vs. closed-source models are a real security debate The critical need for data privacy, secure LLM usage, and agent oversight Amazon's $5M+ Nova Trusted AI Challenge to battle adversarial code generation Whether you're building AI tools, deploying models at scale, or just want to understand how the future of cybersecurity is evolving—this episode is a must-listen.   Don't forget to like, subscribe, and turn on notifications to stay updated on the latest in AI, security, and innovation.     Stay Updated: Craig Smith on X:https://x.com/craigss Eye on A.I. on X: https://x.com/EyeOn_AI (00:00) Preview (00:52) Stephen Schmidt's Role and Background at Amazon (02:11) Inside Amazon's Global Honeypot Network (MadPot) (05:26) How Amazon Shares Threat Intel Through GuardDuty (08:06) Are Cybercriminals Using AI? (10:28) Open Source vs Closed Source AI Security Debate (13:09) What Is Amazon GuardDuty (17:44) How Amazon Protects Customer Data at Scale (20:18) Can Autonomous AI Agents Handle Security? (25:14) How Amazon Empowers SMBs with Agent-Driven Security (26:18) What Tools Power Amazon's Security Agents? (29:25) AI Security Basics (35:34) Securing AI-Generated Code (37:26) Are Models Learning from Our Queries? (39:44) Risks of Agent-to-Agent Data Sharing (42:08) Inside the $5M Nova Trusted AI Security Challenge (47:01) Supply Chain Attacks and State Actor Tactics (51:32) How Many True Adversaries Are Out There? (53:04) What Everyone Needs to Know About AI Security  

Cloud Security Podcast
AWS reInvent 2023 - Security highlights and announcements

Cloud Security Podcast

Play Episode Listen Later Dec 5, 2023 56:00


Cloud Security Podcast just got back from AWS re:invent 2023, there was a lot of chat around, you guessed it - GenAI but along with that there were plenty of security updates and announcement. Shilpi and Ashish broke them all down for you and what it all actually means for all security practitioners. Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠ Questions asked: (00:00) Introduction (04:49) GenAI at AWS re:Invent (06:01) No new security service announced (06:48) Updates from CEO and CTO Keynotes (11:29) What is Amazon Inspector? (12:10) Amazon Inspector Security Updates (15:09) What is AWS Security Hub? (15:52) AWS Security Hub Security Updates (18:52) What is Amazon GuardDuty? (20:10) Amazon GuardDuty Security Updates (22:49) What is Amazon Detective? (23:45) Amazon Detective Security Updates (26:22) What is IAM Access Analyser? (28:06) IAM Access Analyser Security Updates (30:33) What is AWS Config? (31:25) AWS Config Security Updates (32:35) Other Security Updates (33:46) 3 Layers of AI (35:21) What is Amazon CodeWhisperer? (36:36) Amazon Application Composer (37:34) Guardrails for Bedrock (38:13) Amazon Q (41:17) Zero Trust (41:45) Ransomware (44:29) Security Talks (45:54) Input filtering and validation for WAF (50:31) Enterprise IAM and data perimeter (53:00) Conclusion and find out more! You can check out the Top announcements of AWS re:Invent 2023 + AWS re:Invent 2023 - Security Compliance & Identity

InfosecTrain
GuardDuty vs. Detective

InfosecTrain

Play Episode Listen Later Jul 7, 2023 5:19


In the realm of cybersecurity, organizations are constantly searching for effective threat detection and analysis solutions to safeguard their digital assets. Amazon Web Services (AWS) provides two prominent services to address this need: Amazon GuardDuty and Amazon Detective. Both services offer unique features and capabilities that aid in identifying and responding to potential security threats. This comparison will explore the key differences and strengths of GuardDuty and Detective, helping organizations make informed decisions when choosing the most suitable solution for their security needs. What is AWS GuardDuty? AWS GuardDuty is a threat intelligence service that uses machine learning to analyze your AWS logs and events to identify potential threats. It can detect various threats, including compromised accounts, unauthorized access, and data exfiltration. GuardDuty also provides detailed information about each finding so that you can rapidly comprehend the nature of the threat and take remedial action. View More: GuardDuty vs. Detective

The Cloud Pod
207: AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity

The Cloud Pod

Play Episode Listen Later Apr 15, 2023 31:18


AWS Puts Up a New VPC Lattice to Ease the Growth of Your Connectivity AKA Welcome to April (how is it April already?) This week, Justin, Jonathan, and Matt are your guides through all the latest and greatest in Cloud news; including VPC Lattice from AWS, the one and only time we'll talk about Service Catalog, and an ultra premium DDoS experience. All this week on The Cloud Pod.  This week's alternate title(s): AWS Finally makes service catalogs good with Terraform Amazon continues to believe retailers with supply chain will give all their data to them Azure copies your data from S3… AWS copies your data from Azure Blobs… or how I set money on fire with data egress charges

AWS Morning Brief
A Repository of AWS Customer Breaches

AWS Morning Brief

Play Episode Listen Later Apr 6, 2023 3:13


Last week in security news: Gain insights and knowledge at AWS re:Inforce 2023, InvalidClientTokenId, a repository of AWS customer breaches, and more!Links: If you're in New York City proper, I hope to see you tonight at 7PM at Vol de Nuit We're hiring an Account Exec to handle media sales for this very podcast. Should you be the person who refers the successful candidate, we'll give you a $3K USD referral fee. Nick Frichette has found an undocumented Amplify API and used it to leak AWS Account IDs. Friend of the newsletter Chris Farris has started an AWS security consulting practice. Gain insights and knowledge at AWS re:Inforce 2023  How to use Amazon GuardDuty and AWS WAF v2 to automatically block suspicious hosts InvalidClientTokenId: The security token included in the request is invalid error Someone is curating this repository of AWS customer breaches.

Software Defined Talk
Episode 389: The Miscellaneous Keynote

Software Defined Talk

Play Episode Listen Later Dec 2, 2022 72:39


This week we recap the news from AWS re:Invent and discuss application vendors mandating use of specific Kubernetes distros. Plus, some thoughts on dog boarding… Watch the YouTube Live Recording of Episode 389 (https://www.youtube.com/watch?v=h8L0QEIMvOs) Runner-up Titles Everyone gets a Graviton Instance What a Boring re:Invent Part of our brand 17 Days in the Hole Under the Stars, Under the Sea Tighten it up Don't make me pay for security Secure by default That's a great message and I don't believe it Works with Lambda Security, it keeps getting better? Rundown AWS re:Invent What's New at AWS – Cloud Innovation & News - 2022 Archive (https://aws.amazon.com/about-aws/whats-new/2022/?whats-new-content-all.sort-by=item.additionalFields.postDateTime&whats-new-content-all.sort-order=desc&awsf.whats-new-analytics=*all&awsf.whats-new-app-integration=*all&awsf.whats-new-arvr=*all&awsf.whats-new-blockchain=*all&awsf.whats-new-business-applications=*all&awsf.whats-new-cloud-financial-management=*all&awsf.whats-new-compute=*all&awsf.whats-new-containers=*all&awsf.whats-new-customer-enablement=*all&awsf.whats-new-customer%20engagement=*all&awsf.whats-new-database=*all&awsf.whats-new-developer-tools=*all&awsf.whats-new-end-user-computing=*all&awsf.whats-new-mobile=*all&awsf.whats-new-gametech=*all&awsf.whats-new-iot=*all&awsf.whats-new-machine-learning=*all&awsf.whats-new-management-governance=*all&awsf.whats-new-media-services=*all&awsf.whats-new-migration-transfer=*all&awsf.whats-new-networking-content-delivery=*all&awsf.whats-new-quantum-tech=*all&awsf.whats-new-robotics=*all&awsf.whats-new-satellite=*all&awsf.whats-new-security-id-compliance=*all&awsf.whats-new-serverless=*all&awsf.whats-new-storage=*all) Compute Amazon EC2 C7g instances – Compute –Amazon Web Services (https://aws.amazon.com/ec2/instance-types/c7g/?sc_icampaign=aware_ec2-c7gn-instances_reinvent22&sc_ichannel=ha&sc_icontent=awssm-11814_aware_reinvent22&sc_iplace=ribbon&trk=1b39069e-86fc-466c-99c7-4ab2427ddb3a~ha_awssm-11814_aware_reinvent22) Announcing Amazon EC2 M6in, M6idn, R6in, and R6idn network optimized instances (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-ec2-m6in-m6idn-r6in-r6idn-network-optimized-instances/) Announcing Amazon EC2 Hpc6id instances (https://aws.amazon.com/about-aws/whats-new/2022/11/announcing-amazon-ec2-hpc6id-instances/) AWS Nitro Enclaves now supports Amazon EKS and Kubernetes (https://aws.amazon.com/about-aws/whats-new/2022/11/aws-nitro-enclaves-supports-amazoneks-kubernetes/) Introducing Finch: An Open Source Client for Container Development (https://aws.amazon.com/blogs/opensource/introducing-finch-an-open-source-client-for-container-development/) New – Accelerate Your Lambda Functions with Lambda SnapStart (https://aws.amazon.com/blogs/aws/new-accelerate-your-lambda-functions-with-lambda-snapstart/) Data Announcing Amazon Redshift integration for Apache Spark with Amazon EMR (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-redshift-integration-apache-spark-amazon-emr/) AWS announces Amazon Redshift integration for Apache Spark (https://aws.amazon.com/about-aws/whats-new/2022/11/aws-announces-amazon-redshift-integration-apache-spark/) AWS announces Amazon Aurora zero-ETL integration with Amazon Redshift (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-aurora-zero-etl-integration-redshift/) Serverless Open-Source Search Engine – Amazon OpenSearch Serverless (https://aws.amazon.com/opensearch-service/features/serverless/) Introducing AWS Glue 4.0 (https://aws.amazon.com/about-aws/whats-new/2022/11/introducing-aws-glue-4-0/) Security Introducing Amazon Security Lake (Preview) (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-security-lake-preview/) AWS co-announces release of the Open Cybersecurity Schema Framework (OCSF) (https://aws.amazon.com/blogs/security/aws-co-announces-release-of-the-open-cybersecurity-schema-framework-ocsf-project/) Amazon GuardDuty now protects Amazon Elastic Kubernetes Service clusters (https://aws.amazon.com/about-aws/whats-new/2022/01/amazon-guardduty-elastic-kubernetes-service-clusters/) Solutions AWS CEO: The cloud isn't just about technology (https://www.protocol.com/enterprise/aws-adam-selipsky-cloud) AWS Supply Chain (https://aws.amazon.com/aws-supply-chain/) AWS Clean Room (https://aws.amazon.com/clean-rooms/) Announcing AWS SimSpace Weaver (https://aws.amazon.com/about-aws/whats-new/2022/11/aws-simspace-weaver-available/) Amazon Connect announces Contact Lens agent performance evaluation forms (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-connect-contact-lens-agent-performance-evaluation-forms/) Introducing Amazon Omics (https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-omics-generally-available/) Corey Quinn on re:Invent (https://twitter.com/QuinnyPig/status/1597664998234345472) Ask SDT — “using a "supported platform" list to drive cross sales.” (https://softwaredefinedtalk.slack.com/archives/C6CDLDCVB/p1669255641385689) (SDT Slack) Relevant to your Interests SigmaOS raises $4 million to build a browser for productivity nerds (https://techcrunch.com/2022/11/16/sigmaos-raises-4-million-to-build-a-browser-for-productivity-nerds/) The Distributed Computing Manifesto (https://www.allthingsdistributed.com/2022/11/amazon-1998-distributed-computing-manifesto.html) Unpacking Musk's "hardcore" marching orders (https://www.axios.com/newsletters/axios-login-3bf3c6e4-d8cd-492c-942d-c7f80719e66b.html?chunk=0&utm_term=emshare#story0) Akeyless secures a cash infusion to help companies manage their passwords, certificates and keys (https://techcrunch.com/2022/11/16/akeyless-secures-a-cash-infusion-to-help-companies-manage-their-passwords-certificates-and-keys/) Vista passes halfway mark to $20bn target for latest flagship (https://www.privateequityinternational.com/vista-passes-halfway-mark-to-20bn-target-for-latest-flagship/) 1Password Will Support Passkeys Starting in Early 2023 (https://www.macrumors.com/2022/11/17/1password-passkeys-support-2023/) Passkeys: the future of authentication in 1Password (https://www.future.1password.com/passkeys/?utm_medium=sign-in-side-panel&utm_source=1password&utm_campaign=passkeys) 10,000 Google Employees Could Be Rated as Low Performers (https://www.theinformation.com/articles/10-000-google-employees-could-be-rated-as-low-performers) Resignations Roil Twitter as Elon Musk Tries Persuading Some Workers to Stay (https://www.nytimes.com/2022/11/17/technology/twitter-elon-musk-ftc.html) Hundreds of employees say no to being part of Elon Musk's ‘extremely hardcore' Twitter (https://www.theverge.com/2022/11/17/23465274/hundreds-of-twitter-employees-resign-from-elon-musk-hardcore-deadline) Security of Passkeys in the Google Password Manager (https://security.googleblog.com/2022/10/SecurityofPasskeysintheGooglePasswordManager.html) With $8.6M in seed funding, Nx wants to take monorepos mainstream (https://techcrunch.com/2022/11/17/with-8-6m-in-seed-funding-nx-wants-to-take-monorepos-mainstream/) Facebook parent Meta winding down some non-core hardware projects (https://www.reuters.com/technology/facebook-parent-meta-winding-down-some-non-core-hardware-projects-2022-11-11/) OpenStack passes 40 million cores in production use (https://www.theregister.com/2022/11/18/openstack_thriving_survey/) A note from CEO Andy Jassy about role eliminations (https://www.aboutamazon.com/news/company-news/a-note-from-ceo-andy-jassy-about-role-eliminations) Twitter is Going Great (https://twitterisgoinggreat.com/) Building Kubernetes Applications with Acorn (https://acorn.io/building-kubernetes-applications-with-acorn/) Platforms at Kubecon 2022 (https://blog.joshgav.com/posts/kubecon-platforms-review) Zoom's looming squeeze (https://www.axios.com/newsletters/axios-login-149ea16b-be11-451a-b4de-5a1e2f8f0ce7.html?chunk=0&utm_term=emshare#story0) Sony's VR headset-console integration could limit sales, but allow depth (https://www.emergingtechbrew.com/stories/2022/11/18/sony-s-vr-headset-console-integration-could-limit-sales-but-allow-depth?utm_campaign=etb&utm_medium=newsletter&utm_source=morning_brew&mid=f642abf4dca6751d0ec109d4cbc6782e) The State of Kubernetes {Open-Source} Security | ARMO (https://www.armosec.io/blog/the-state-of-kubernetes-open-source-security/) Considerations when implementing developer portals in regulated enterprise environments (https://www.redhat.com/en/blog/considerations-when-implementing-developer-portals-regulated-enterprise-environments) Broadcom's proposed $61B VMware acquisition scrutinized by UK regulators (https://techcrunch.com/2022/11/21/broadcoms-proposed-61b-vmware-acquisition-scrutinized-by-uk-regulators/) 2023 may be the year of multicloud Kubernetes (https://www.infoworld.com/article/3679752/2023-may-be-the-year-of-multicloud-kubernetes.html?utm_source=substack&utm_medium=email) Server-side WebAssembly prepares for takeoff in 2023 (https://www.techtarget.com/searchitoperations/news/252527414/Server-side-WebAssembly-prepares-for-takeoff-in-2023?utm_source=substack&utm_medium=email) Zoom shares drop on light forecast as company faces 'heightened deal scrutiny' (https://www.cnbc.com/2022/11/21/zoom-zm-earnings-q3-2023.html?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axioslogin&stream=top) What's coming for cloud computing in 2023 (https://www.infoworld.com/article/3680553/whats-coming-for-cloud-computing-in-2023.html) The Rise of Platform Engineering - Software Engineering Daily (https://softwareengineeringdaily.com/2020/02/13/setting-the-stage-for-platform-engineering/) IBM sues Micro Focus, claims it copied mainframe software (https://www.theregister.com/2022/11/22/ibm_sues_micro_focus_for/) How to beat the Kubernetes skills shortage (https://www.infoworld.com/article/3679749/how-to-beat-the-kubernetes-skills-shortage.html) TikTok Couldn't Ensure Accurate Responses To Government Inquiries, A ByteDance Risk Assessment Said (https://www.forbes.com/sites/emilybaker-white/2022/11/28/tiktok-inaccurate-government-inquiries-internal-bytedance-risk-assessment/?sh=7f57dc9723fe) Exclusive: Sam Bankman-Fried says he's down to $100,000 (https://www.axios.com/2022/11/29/sam-bankman-fried-100000-ftx-cftc-regulation?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axiosprorata&stream=top) Why Big Tech is not rushing to clone Twitter (https://www.axios.com/newsletters/axios-login-1cea6d1a-1428-448d-b0d3-5da3ae9425ef.html?chunk=0&utm_term=emshare#story0) Amazon Alexa is a “colossal failure,” on pace to lose $10 billion this year (https://arstechnica.com/gadgets/2022/11/amazon-alexa-is-a-colossal-failure-on-pace-to-lose-10-billion-this-year/) I analyzed 290 booths at KubeCon - here are the DevOps trends for 2023 (https://www.uptime.build/post/i-analyzed-290-booths-at-kubecon-here-are-the-devops-trends-for-2023?utm_source=substack&utm_medium=email) Nonsense Billionaires like Elon Musk want to save civilization by having tons of genetically superior kids. Inside the movement to take 'control of human evolution.' (https://www.businessinsider.com/pronatalism-elon-musk-simone-malcolm-collins-underpopulation-breeding-tech-2022-11) Australia: How 'bin chickens' learnt to wash poisonous cane toads (https://www.bbc.com/news/world-australia-63699884) A 12,000 lb. metal sculpture of Elon Musk's head on a goat body riding a rocket parked outside Tesla HQ failed to elicit a response from the billionaire (https://www.businessinsider.com/elon-musk-head-on-goat-body-riding-a-rocket-sculpture-2022-11) The leap second's time will be up in 2035—and tech companies are thrilled (https://www.popsci.com/technology/bipm-abandon-leap-second/) Conferences THAT Conference Texas Speakers and Schedule (https://that.us/events/tx/2023/schedule/). Jan 15th-18th use code SDT for 5% off CloudNativeSecurityCon North America (https://events.linuxfoundation.org/cloudnativesecuritycon-north-america/), Seattle, Feb 1 – 2, 2023 DevOpsDays Birmingham, AL 2023 (https://devopsdays.org/events/2023-birmingham-al/welcome/), April 20 - 21, 2023 Listener Feedback Sudesh shared a list of Tech Companies Hiring (https://airtable.com/shrAPDHg8apj4mnRR/tbl6Kz4KeeCp3HrSM) Send “End of Year” listener questions to questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com). SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Get a SDT Sticker! Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us on Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/), LinkedIn (https://www.linkedin.com/company/software-defined-talk/) and YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured). Use the code SDT to get $20 off Coté's book, Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Become a sponsor of Software Defined Talk (https://www.softwaredefinedtalk.com/ads)! Recommendations Brandon: The Complete History & Strategy of Qualcomm (https://www.acquired.fm/episodes/qualcomm) Matt: Kishi Bashi This Must Be The Place (https://www.youtube.com/watch?v=IslMHJFkIME) Carma (https://carma.com.au) car purchase: referral code: REF22-872E Photo Credits Header (https://unsplash.com/photos/K8i-gRJHT_0) CoverArt (https://twitter.com/DevchicaJasmin/status/1597874321510526978)

InfosecTrain
What is Amazon GuardDuty?

InfosecTrain

Play Episode Listen Later Sep 6, 2022 5:16


Monitoring the infrastructure and identifying the threats is essential and challenging in the cloud. But to detect the threats and protect the infrastructure and workloads, you must deploy additional software and security infrastructure with appliances, sensors, and agents. Setting up the security controls across all accounts requires collecting and analyzing tremendous amounts of data. It accurately detects the threats, prioritizes them, and responds to alerts without disrupting the business flow. What is Amazon GuardDuty?

monitoring amazon guardduty
The Cloud Pod
175: AWS re:Inforces Their Dislike for OrcaSec

The Cloud Pod

Play Episode Listen Later Aug 4, 2022 48:49


On The Cloud Pod this week, the team gets skeptical on Prime Day numbers. Plus: AWS re:Inforce brings GuardDuty, Detective and Identity Center updates and announcements; Google Cloud says hola to Mexico with a new Latin American region; and Azure introduces its new cost API for EC and MCA customers. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

AWS Morning Brief
The Mental Breakdown of Auto-Remediation

AWS Morning Brief

Play Episode Listen Later Jul 27, 2022 5:14


Links: The Nigerian government scores this week's S3 Bucket Negligence Award New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals Automatically block suspicious DNS activity with Amazon GuardDuty and Route 53 Resolver DNS Firewall Use Security Hub custom actions to remediate S3 resources based on Macie discovery results  There has been significant improvement to the AWS IAM documentation around IAM best practices. Artillery lets you use Lambdas for open source load testing. 

The Cloud Pod
173: Oracle Begins Its Invasion of Sovereign Nations

The Cloud Pod

Play Episode Listen Later Jul 21, 2022 61:43


On The Cloud Pod this week, the team discusses shorting Jim Chanos amid the great cloud giant vs. colo standoff. Plus: Google prepares for a post-quantum world, Amazon EC2 M1 Mac instances are now generally available, and master of marketing Oracle introduces sovereign cloud regions for the European Union. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

Cloud Posse DevOps
Cloud Posse DevOps "Office Hours" (2022-07-13)

Cloud Posse DevOps "Office Hours" Podcast

Play Episode Listen Later Jul 13, 2022 60:17


Find out how we can help your company:https://cloudposse.com/quizCloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have. You can register here: https://cloudposse.com/office-hoursJoin the conversation: https://slack.cloudposse.com/Learn more about Cloud Posse:https://cloudposse.comhttps://cloudposse.com/accelerate/https://github.com/cloudpossehttps://sweetops.com/https://newsletter.cloudposse.comhttps://podcast.cloudposse.com/[00:00:00] Intro[00:01:09] Amazon GuardDuty introduces M/L capabilities to detect malicious S3 accesshttps://aws.amazon.com/about-aws/whats-new/2022/07/amazon-guardduty-machine-learning-detect-malicious-access-data-s3/[00:01:29] Pluralith Automate Terraform Documentation with Visualizationshttps://github.com/Pluralith/pluralith-cli[00:04:37] Free Public Beta of HCP Boundaryhttps://www.hashicorp.com/blog/announcing-launch-and-free-public-beta-of-hcp-boundary[00:06:08] AWS CloudFormation StackSets announces support for account level targeting in an Organizational Unithttps://aws.amazon.com/about-aws/whats-new/2022/07/aws-cloudformation-stacksets-support-account-level-targeting-organizational-unit/[00:07:31] Announcing the general availability of AWS Cloud WANhttps://aws.amazon.com/about-aws/whats-new/2022/07/general-availability-aws-cloud-wan/[00:08:50] v2 release of Cloud Posse's Terraform AWS security group modulehttps://github.com/cloudposse/terraform-aws-security-group/releases/tag/2.0.0-rc1[00:14:02] What are some options for exposing an internal Aurora Serverless PostgreSQL DB to an external application that requires the data to be up-to-date?[00:20:31] What if any alternatives to Docker Desktop are people using on Mac computers with Apple M1 chips ( darwin/arm64 ) [00:26:30] Any suggestions for convincing the team to avoid monolith TF folders with all the resource blocks in a single folder of TF files?[00:35:13] I hate Helm charts now :'D [00:47:33] Anyone worked with Terraspace? It's so nice to work with and it solves the monolith problem [00:50:48] Has anyone used Pulumi?[00:58:58] Outro #officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#awsSupport the show

Cloud Security News
Amazon GuardDuty now protects Amazon EKS

Cloud Security News

Play Episode Listen Later Feb 9, 2022 5:53


Cloud Security News this week 09 February 2022 - https://cloudsecuritypodcast.tv/cloud-security-news/ Brought you by JupiterOne - Find out more about them at https://jupiterone.com/csp Google Cloud has released the Virtual Machine Threat Detection tool as part of their Security Command Center for Premium customer. According to Google's blog this “is a first-to-market detection capability from a major cloud provider that provides agentless memory scanning to help detect threats like cryptomining malware inside your virtual machines running in Google Cloud.” For those familiar with AWS Guardduty, how does this compare - share with us on linkedin, twitter or on our website. You can read Google Cloud's announcement here. Being a Cloud Security Enthusiast, you are probably familiar with the Cloud Security Alliance, they are well known for defining standards, certifications, and best practices for security cloud environments. This week they have released DevSecOps - Pillar 4 Bridging Compliance and Development as part of the DevSecOps Six Pillars series. This document focuses on how compliance can be automated and better relate to security requirements. You can access the full document here. We would love to hear your thoughts about this pillar, so please share your views on www.cloudsecuritypodcast.tv Security Researcher Harsh Jaiswal received a bounty award of $17,576 for whats been described as a “pretty simple” but critical SSRF related to HelloSign's Google Drive Docs export feature.You can read more about the security team's response here and the vulnerability report here. Cloudflare, a Silicon Valley provider of content delivery network (CDN) and DDoS mitigation services has launched a public bug bounty program, further to their invite-only program in place since 2018. You can find out more about the program here Tenable, a popular product for vulnerability scanning, has announced new features to their cloud native application security program, Tenable.cs. You can find our more about tenable and tenable.cs here. Amazon GuardDuty now protects Amazon Elastic Kubernetes Service clusters. You can read more about this here Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News

Cloud Posse DevOps
Cloud Posse DevOps "Office Hours" (2022-02-02)

Cloud Posse DevOps "Office Hours" Podcast

Play Episode Listen Later Feb 3, 2022 55:48


Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have. You can register here: https://cloudposse.com/office-hoursJoin the conversation: https://slack.cloudposse.com/Find out how we can help your company:https://cloudposse.com/quizhttps://cloudposse.com/accelerate/Learn more about Cloud Posse:https://cloudposse.comhttps://github.com/cloudpossehttps://sweetops.com/https://newsletter.cloudposse.comhttps://podcast.cloudposse.com/[00:00:00​] Intro[00:01:19​] GitHub is down![00:01:38] SweetOps Upgraded to Paid Team (Big Thanks to our Spacelift sponsors)https://slack.cloudposse.com[00:05:07​] German Court Rules Websites Embedding Google Fonts Violates GDPRhttps://thehackernews.com/2022/01/german-court-rules-websites-embedding.html[00:05:48​] Earthly Builds for CIhttps://github.com/earthly/earthly[00:09:46​] Amazon GuardDuty now protects Amazon Elastic Kubernetes Service clustershttps://aws.amazon.com/about-aws/whats-new/2022/01/amazon-guardduty-elastic-kubernetes-service-clusters/[00:13:37​] Finally! A pretty dashboard to keep track of the status of your GitHub Actionshttps://github.com/chriskinsman/github-action-dashboard[00:20:37​] GOV.UK PaaS (on github!) https://www.cloud.service.gov.ukhttps://github.com/alphagov/govuk-terraform-provisioning[00:30:08​] Create an Impressive GitHub Profile README https://www.sitepoint.com/github-profile-readme/[00:32:39​] What tools are people already using to help refactor Terraform and what types of operations do they wish were more automated? [00:39:58] Integrations with Github Actions, Vault and Terraform Cloud[00:45:30​] Given the experience Cloud Posse has with being an open source-first company, what advice do you have for new startups with open source products?[00:54:54​] Outro #officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#awsSupport the show (https://cloudposse.com/office-hours/)

The Cloud Pod
150: The Cloud Pod Exfiltrates Jonathan's Credentials

The Cloud Pod

Play Episode Listen Later Feb 3, 2022 36:45


On The Cloud Pod this week, Jonathan is still AWOL. Also Amazon is on GuardDuty with credential exfiltration, Google Cloud Deploy is generally available, and Azure is suffering from more serious DDoS attacks.  A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

AWS Morning Brief
Security Awareness Training in Five Minutes

AWS Morning Brief

Play Episode Listen Later Nov 4, 2021 7:16


Links: re:Quinnvent: https://requinnvent.com Don't be surprised when ‘move fast and break things' results in broken stuff: https://cloudpundit.com/2021/10/27/dont-be-surprised-when-move-fast-and-break-things-results-in-broken-stuff/ Twitter thread: https://Twitter.com/quinnypig/status/1453214680764219392 Correlate security findings with AWS Security Hub and Amazon EventBridge: https://aws.amazon.com/blogs/security/correlate-security-findings-with-aws-security-hub-and-amazon-eventbridge/ Three ways to improve your cybersecurity awareness program: https://aws.amazon.com/blogs/security/three-ways-to-improve-your-cybersecurity-awareness-program/ Amazon releases free cybersecurity awareness training: https://www.aboutamazon.com/news/community/amazon-releases-free-cybersecurity-awareness-training Quiet Riot: https://blog.traingrc.com/introducing-quiet-riot-c595cfa629e AWS inventory collection tool: https://github.com/darkbitio/aws-recon Deploys a Lambda: https://github.com/fivexl/Terraform-aws-CloudTrail-to-Slack TranscriptCorey: This is the AWS Morning Brief: Security Edition. AWS is fond of saying security is job zero. That means it's nobody in particular's job, which means it falls to the rest of us. Just the news you need to know, none of the fluff.Corey: This episode is sponsored in part by Liquibase. If you're anything like me, you've screwed up the database part of a deployment so severely that you've been banned from ever touching anything that remotely sounds like SQL at least three different companies. We've mostly got code deployment solved for, but when it comes to databases, we basically rely on desperate hope, with a rollback plan of keeping our resumes up to date. It doesn't have to be that way. Meet Liquibase. It's both an open-source project and a commercial offering. Liquibase lets you track, modify, and automate database schema changes across almost any database, with guardrails that ensure you'll still have a company left after you deploy the change. No matter where your database lives, Liquibase can help you solve your database deployment issues. Check them out today at liquibase.com. Offer does not apply to Route 53.Corey: I'll be hosting a drinkup-slash-meetup at Optimism Brewery in Seattle tonight at 7 p.m. if you're in town, stop on by and let me buy you a drink. And of course, re:Quinnvent approaches if you're interested in keeping up with what my nonsense looks like, check out requinnvent.com.Corey: Let's see what happened in the world of security last week. Lydia Leong of Gartner has been on a tear lately. Don't be surprised when ‘move fast and break things' results in broken stuff is her latest and an important read. The goal isn't to slow things down; it's to build guardrails that mean you can move fast, safely. That's the goal of security, to provide safety, not impenetrable blockers to getting work done. Forget this at your own peril.I also wrote my own Security Awareness Training in the form of a Twitter thread. It's like a normal version except it's funny. Don't discount that, though; it's not a joke. If you make people laugh, you've gotten their attention. If you have their attention, then you've got a chance to teach them something.What'd AWS have to say about security last week? Correlate security findings with AWS Security Hub and Amazon EventBridge. So, let me get this straight. AWS sells and charges for Amazon GuardDuty, Amazon Macie, Amazon Inspector, and Amazon Detective, but still wants you to wire stuff together yourself in order to correlate events? How are they so good at the technology bits and so very bad at the ‘tying it all together with a neat presentation' part?Corey: This episode is sponsored in part by something new. Cloud Academy is a training platform built on two primary goals: having the highest quality content in tech and cloud skills, and building a good community that is rich and full of IT and engineering professionals. You wouldn't think those things go together, but sometimes they do. It's both useful for individuals and large enterprises, but here's what makes this something new—I don't use that term lightly—Cloud Academy invites you to showcase just how good your AWS skills are. For the next four weeks, you'll have a chance to prove yourself. Compete in four unique lab challenges where they'll be awarding more than $2,000 in cash and prizes. I'm not kidding: first place is a thousand bucks. Pre-register for the first challenge now, one that I picked out myself on Amazon SNS image resizing, by visiting cloudacademy.com/corey—C-O-R-E-Y. That's cloudacademy.com/corey. We're going to have some fun with this one.Three ways to improve your cybersecurity awareness program. It would seem that one of them isn't, “Google for ‘Azure Security September' and stand back.” I like the three points—which are: to be sure to articulate personal value, be inclusive, and weave it into workflows—because they're not technical, they're psychological. That's where security, just like cloud economics, starts and stops. It's people more than it is computers.And Amazon releases free cybersecurity awareness training. Unfortunately, the transcript is all of 700 words long. This is a problem. Part of the reason you have a program to train staff on cybersecurity awareness is so you can make a good-faith argument that when you inevitably suffer an attack, you'd done all that you could to train folks on proper security behaviors. Unfortunately, a training program that's made of fewer words than this podcast episode seems unlikely to be convincing.And now to the tool. Remember when I talked about being able to enumerate roles and account IDs via public calls, but AWS said it wasn't a problem? Meet Quiet Riot, a tool built to do exactly that in bulk. This is going to be a problem that AWS will have to acknowledge at some point. It's your move, folks.An AWS inventory collection tool called aws-recon that focuses on security-relevant metadata is a useful thing to have. The first and surprisingly difficult step of securing a cloud environment is understanding and enumerating what the heck's running inside of it. I'm astounded that the only first-party answer to this remains ‘the bill.'And finally, I found a Terraform module that deploys a Lambda to watch CloudTrail and report to Slack—got all that? Good lord—whenever certain things happen. Those things include root logins, console logins without MFA, API calls that failed due to lack of permissions, and more. This might get noisy, but I'd consider deploying at least the big important ones.And that's what happened last week in AWS security. I'll talk to you next week.Corey: I have been your host, Corey Quinn, and if you remember nothing else, it's that when you don't get what you want, you get experience instead. Let my experience guide you with the things you need to know in the AWS security world, so you can get back to doing your actual job. Thank you for listening to the AWS Morning Brief: Security Editionwith the latest in AWS security that actually matters. Please follow AWS Morning Brief on Apple Podcast, Spotify, Overcast—or wherever the hell it is you find the dulcet tones of my voice—and be sure to sign up for the Last Week in AWS newsletter at lastweekinaws.com.Announcer: This has been a HumblePod production. Stay humble.

Der AWS-Podcast auf Deutsch
27 - Drei Tipps zur Sicherheit in AWS

Der AWS-Podcast auf Deutsch

Play Episode Listen Later May 19, 2021 6:56


In dieser Episode hat Dennis drei kurze Tipps, mit denen ihr euern AWS-Account absichern könnt. Benutzt nicht den Root-User Protokolliert die Aktivitäten im AWS-Account mit AWS CloudTrail Aktiviert Amazon GuardDuty zur automatischen Entdeckung von potenziellen Bedrohungen Der offizielle deutschsprachige Podcast rund um Amazon Web Services (AWS), für Neugierige, Cloud-Einsteiger und AWS-Experten, produziert von Dennis Traub, Developer Advocate bei AWS. Bei Fragen, Anregungen und Feedback wendet euch gerne direkt an Dennis auf Twitter (@dtraub) oder per Mail an traubd@amazon.com. Links zum Thema: Security best practices in IAM: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html AWS CloudTrail: https://aws.amazon.com/cloudtrail/ Configure MFA delete fpr Amazon S3: https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html Amazon GuardDuty: https://aws.amazon.com/guardduty/ GuardDuty finding types: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-active.html Für mehr Infos, Tipps und Tricks rund um AWS und die Cloud folgt Dennis auf: Twitter - https://twitter.com/dtraub Twitch - https://www.twitch.tv/dennis_at_work YouTube - https://www.youtube.com/dennistraub

Paul's Security Weekly TV
SWVHSC: Amazon GuardDuty, Sandboxing & Workload Isolation, & No More SHA-1 - ASW #117

Paul's Security Weekly TV

Play Episode Listen Later Aug 4, 2020 29:44


Using Amazon GuardDuty to Protect Your S3, OkCupid Security Flaw Threatens Intimate Dater Details, Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others, Sandboxing and Workload Isolation, and Microsoft to remove all SHA-1 Windows downloads next week!   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw117

Application Security Weekly (Video)
SWVHSC: Amazon GuardDuty, Sandboxing & Workload Isolation, & No More SHA-1 - ASW #117

Application Security Weekly (Video)

Play Episode Listen Later Aug 4, 2020 29:44


Using Amazon GuardDuty to Protect Your S3, OkCupid Security Flaw Threatens Intimate Dater Details, Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others, Sandboxing and Workload Isolation, and Microsoft to remove all SHA-1 Windows downloads next week!   Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/asw117

The Cloud Pod
The CloudPod opens the Azure front door – EP65

The Cloud Pod

Play Episode Listen Later Apr 2, 2020 38:20


Jonathan is out with a back injury, so it's just Justin and Peter on this week's intranational episode of The Cloud Pod. A big thanks to this week's sponsor: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights Teleconferencing services continue to boom. Amazon opens up a new avenue of attack on Microsoft's JEDI contract. Azure UK declares it will triage who gets service if need be. General News: Cloud Provider Moves to Internet for Business Business for web conferencing applications has boomed this month. Microsoft Teams gained 12 million users in a week and Slack's paid version gained over 7,000 customers since the start of February. Hopefully people continue to use these tools to stay more connected even after we've gotten through this pandemic. With AWS testing centers closed, AWS Certification is now offering all exams online with online proctoring. Considerations are being made for those who need to reschedule. AWS: Chipping Away at JEDI The price of Amazon GuardDuty use over 10,000 gigabytes (GB) was reduced

AWS TechChat
Episode 65 - November 2019 --> January 2020 Tech Round-up - Part 1

AWS TechChat

Play Episode Listen Later Jan 9, 2020 28:55


In this Episode of AWS TechChat, I cover some of the missed but very important updates that occurred in the last few months (November 2019 to January 2020) whilst we embraced re:Invent 2019. The show starts with the introduction of AWS Lambda Destinations. It’s a new feature of Lambda that provides visibility into a Lambda functions invocation and routes the execution results to AWS services, which simplifying event-driven applications when a function is invoked asynchronously, I pivot to a raft of EC2 updates, starting with some house keeping with longer Amazon EC2 Resource IDs. From now until the end of April 2020, you can test your systems with the longer format and opt in when you are ready but after April 2020. All new resources will be created with longer resource IDs by default. It applies only to new resources and i encourage you test out before April 2020. Amazon ElastiCache and Amazon Relational Database Service (RDS) are now having new Amazon EC2 instance types available for you. Saving you money and increasing performance. I also touch on how the credit system works on our T instances. Next, I introduce an entirely new service - AWS Data Exchange, which is a new service that makes it easy to securely find, subscribe to, and use third-party data in the cloud. Before jumping in to five FSx for Windows updates around De-Duplication, Encryption, PowerShell, Smaller Volume Sizes and File Share Witnesses for SQL, I talk about Amazon GuardDuty. You can now export findings from across regions and also export findings from all associated member accounts and all AWS regions to a single S3 bucket. To close out the show, I share a unique but important update on Amazon Route53. It now supports overlapping name spaces, simplifying complex AWS accounts Speakers: Shane Baldacchino - Solutions Architect, ANZ, AWS Resources: Introducing AWS Lambda Destinations https://aws.amazon.com/blogs/compute/introducing-aws-lambda-destinations/ Longer Format Resource IDs are Now Available in Amazon EC2 https://aws.amazon.com/about-aws/whats-new/2019/11/longer-format-resource-ids-are-now-available-in-amazon-ec2/ Amazon ElastiCache now supports T3-Standard cache nodes https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-elasticache-now-supports-t3-standard-cache-nodes/ RDS New Instance Types https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-rds-for-sql-server-now-supports-additional-instance-sizes/ Amazon EC2 Auto Scaling Now Supports Maximum Instance Lifetime https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-ec2-auto-scaling-supports-max-instance-lifetime Amazon EC2 Auto Scaling Now Supports Instance Weighting https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-ec2-auto-scaling-supports-instance-weighting/ Introducing AWS Data Exchange https://aws.amazon.com/about-aws/whats-new/2019/11/introducing-aws-data-exchange/ Amazon GuardDuty Supports Exporting Findings to an Amazon S3 Bucket https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-guardduty-supports-exporting-findings-to-an-amazon-s3-bucket/ Amazon FSx for Windows File Server now supports Data Deduplication, reducing storage costs by 50-60% for general file shares https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-fsx-windows-file-server-supports-data-deduplication-reducing-storage-costs/ Amazon Route 53 Now Supports Overlapping Namespaces For Private Hosted Zones https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-route-53-now-supports-overlapping-namespaces-for-private-hosted-zones/ AWS Events: AWS Builders Online Series https://aws.amazon.com/events/builders-online-series/ AWS Innovate AIML Edition https://aws.amazon.com/events/aws-innovate/machine-learning/ AWS Innovate DeepRacer Challenge https://aws.amazon.com/events/aws-innovate/machine-learning/deepracer/

tech saving windows aws ids invent s3 sql encryption anz lambda powershell ec2 amazon ec2 fsx amazon route amazon guardduty amazon elasticache amazon fsx windows file server
AWS re:Invent 2019
SEC356: Prepare for & respond to security incidents in your AWS environment

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 52:45


In this session, we walk through what you need to do to be prepared to respond to security incidents in your AWS environments. We start off with planning best practices, move through the configurations that will help deliver protective and detective controls, then finally show you how you can improve your response capability. Learn how AWS Organizations, AWS Identity and Access Management (IAM), Amazon GuardDuty, AWS Security Hub, AWS Lambda, AWS WAF, AWS Systems Manager, and AWS Key Management Service (AWS KMS) can help take you from protect and detect to respond and recover.

AWS re:Invent 2019
SEC339: Actionable threat hunting in AWS

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 34:59


Learn how WarnerMedia leveraged Amazon GuardDuty, AWS CloudTrail, and its own serverless inventory tool (Antiope) to root out cloud vulnerabilities, insecure behavior, and potential account compromise activities across a large number of accounts. We cover how WarnerMedia centralizes and automates its security tooling, offer detailed Splunk queries for GuardDuty and CloudTrail, and discuss how Antiope is used for vulnerability hunting. We cover the scaling issues incurred during a large enterprise merger. Leave this session with a strategy and an actionable set of detections for finding potential data breaches and account compromises.

AWS re:Invent 2019
SEC312: [NEW LAUNCH!] Introducing Amazon Detective

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 49:29


Amazon Detective makes it easy to investigate, analyze, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to help you visualize and conduct faster and more efficient security investigations. Amazon Detective is integrated with AWS security services such as Amazon GuardDuty and AWS Security Hub as well as AWS partner security products. In this session, we also demonstrate Amazon Detective and provide a walkthrough of how to investigate a security finding.

amazon launch detectives aws aws security hub amazon guardduty
AWS re:Invent 2019
SEC206-R1: Threat management in the cloud: Amazon GuardDuty & AWS Security Hub

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 47:40


Amazon GuardDuty and AWS Security Hub in tandem provide continuous visibility, compliance, and detection of threats for AWS accounts and workloads. Amazon GuardDuty enables customers to achieve continuous security monitoring to detect threats in the cloud. AWS Security Hub enables customers to continuously monitor their environment using automated compliance checks based on AWS best practices and industry standards. In this session, we introduce you to Amazon GuardDuty and AWS Security Hub and walk you through the detection of an event; aggregation; prioritization of security findings; and the identification of possible remediation actions and other responses.

cloud aws threat management aws security hub amazon guardduty
AWS re:Invent 2019
DEM157: Monitor security & automate compliance checks with AWS Security Hub

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 22:23


AWS Security Hub provides a comprehensive view of high-priority security alerts and compliance status across AWS accounts. Security Hub provides a single location to aggregate, organize, and prioritize your security alerts or findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions. You can also continuously monitor your environment using automated compliance checks based on the AWS best practices and open standards that your organization follows. In this demo, we provide a walkthrough of how Security Hub aggregates findings, conducts compliance checks, and helps you respond and remediate findings.

compliance checks monitor aws automate aws partner aws security hub amazon guardduty amazon inspector
AWS TechChat
Episode 60 - November 2019 Tech Round-up

AWS TechChat

Play Episode Listen Later Nov 14, 2019 39:22


In this round-up episode of AWS TechChat, Shane and Gabe come at you with raft of short sharp and important updates that occurred in October and November in the year 2019. The show starts with a fun announcement - Amazon WordPress plugin. It combines our plugins around Amazon Polly and Amazon Translate, now provides a workflow to configure an Amazon CloudFront distribution. It is available to download from the WordPress Plugin Directory. Coming up next, something rather huge in the world of AWS - Savings Plans. They introduce the latest cost-savings plans, discuss how it compares to Reserved Instances (RI), talk about the two variations - Compute and Amazon Elastic Compute Cloud (EC2) instance and show you how to get started a savings plan. Amazon CloudWatch has now launched cross-accoun t and cross-region dashboard giving you an aggregated and single pane of view across multiple AWS accounts allowing you to display what matters to you. Amazon Relational Database Service (RDS) on VMware has now gone GA, allowing you to run a database engine on your own hardware while the Amazon RDS service automates the time-consuming administration tasks. It would not be an update show without Container updates! Amazon Elastic Container Registry (ECR) now has container-scanning feature allowing you to detect CVE’s. Kubernetes has integration with Amazon EC2 Spot Instances and Amazon Elastic Container Service (ECS) now has Cloud Development Kit (CDK) support. Lastly, to close out the show, they continue with more updates with Amazon GuardDuty. Amazon GuardDuty introduces three new threat detections, two around Amazon Simple Storage Service (S3) - S3BlockPublicAccessDisabled and S3ServerAccessLoggingDisabled. Last one focus on EC2/MetaDataDNSRebind which informs you that an EC2 instance metadata exfiltration. Speakers: Shane Baldacchino - Solutions Architect, ANZ, AWS Gabe Hollombe - Senior Technical Evangelist, APAC, AWS Resources: AWS for WordPress plugin now available https://aws.amazon.com/about-aws/whats-new/2019/10/aws-for-wordpress-plugin-now-available-and-with-new-amazon-cloudfront-workflow/ Introducing Savings Plans - https://aws.amazon.com/about-aws/whats-new/2019/11/introducing-savings-plans/ Amazon CloudWatch launches cross-account cross-region dashboards https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-cloudwatch-launches-cross-account-cross-region-dashboards/ Amazon RDS on VMware is now generally available - https://aws.amazon.com/about-aws/whats-new/2019/10/amazon-rds-on-vmware-is-now-generally-available/ The Node Termination Handler https://github.com/aws/aws-node-termination-handler Amazon GuardDuty Adds Three New Threat Detections - https://aws.amazon.com/about-aws/whats-new/2019/10/amazon-guardduty-adds-three-new-threat-detections/ AWS Events: AWS Builders Online Series on-demand https://resources.awscloud.com/aws-builders-online-series AWS Modern Application Development on-demand https://aws.amazon.com/events/application/modern-app-development/ AWS Innovate on-demand https://aws.amazon.com/events/aws-innovate/ AWS re:Invent https://reinvent.awsevents.com/ AWS Events and Webinars https://aws.amazon.com/events/

DevOps Chat
AWS re:Inforce Global Intelligence for Guard Duty, Sumo Logic

DevOps Chat

Play Episode Listen Later Jun 25, 2019 20:17


Wouldn’t it be helpful to know if other cloud users are seeing the same or similar attacks that you are? Security intelligence about cloud applications beyond just those you own and operate as an enterprise opens up a new dimension in attack visibility against an even large sets of cloud apps. Sumo Logic announced its extending their machine analytics and intelligence platform to include AWS Guard Duty during AWS re:Inforce 2019. Dubbed Global Intelligence Service for Amazon GuardDuty, the new service is more than just a data aggregation and reporting play. The new service provides additional context around GuardDuty data by reporting attack information across multiple Sumo Logic customers using AWS GuardDuty. Essentially a “crowdsourcing” approach to reporting threat intelligence across the cloud. In this episode of DevOps Chat, David Andrejewski, Senior Engineering Manager at Sumo Logic, joins us to talk about this new, more expansive threat intelligence service. More information about Global Intelligence Service for Amazon GuardDuty is available in the press release and website at https://www.sumologic.com/application/aws-guardduty/ .

AWS re:Invent 2018
SEC397: NEW LAUNCH! Introduction to AWS Security Hub

AWS re:Invent 2018

Play Episode Listen Later Nov 30, 2018 52:28


Learn about AWS Security Hub, and how it gives you a comprehensive view of your high-priority security alerts and your compliance status across AWS accounts. See how Security Hub aggregates, organizes, and prioritizes your alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions. We will demonstrate how you can continuously monitor your environment using compliance checks based on the AWS best practices and industry standards your organization follows.

launch aws aws partner aws security hub amazon guardduty amazon inspector
AWS re:Invent 2018
SEC311: AWS and Symantec: Cyber Defense at Scale

AWS re:Invent 2018

Play Episode Listen Later Nov 30, 2018 55:37


Learn how Symantec uses AWS to provide complete, integrated security solutions that monitor and protect companies and governments from hackers. Hear about lessons learned from how Symantec scaled up its infrastructure to analyze billions of logs every day to detect the world's most sophisticated cyber attacks, and you'll see how Symantec integrates with native AWS services, like Amazon GuardDuty, AWS Lambda, and AWS Systems Manager, into its own security solutions to provide even better security in the cloud. This session is brought to you by AWS partner, Symantec Corporation.

scale aws symantec cyber defense aws lambda symantec corporation amazon guardduty aws systems manager
AWS re:Invent 2018
SEC309: Moody's: Deploying Cloud-Native Architectures with Automation

AWS re:Invent 2018

Play Episode Listen Later Nov 30, 2018 37:41


As Moody's AWS presence continues to grow, automation becomes a critical tool that can facilitate the rapid onboarding of new applications, VPCs, and acquisitions while ensuring they are secured appropriately. Moody's has chosen Terraform as their tool of choice to define and deploy their application and security infrastructure for a range of different use cases on AWS. In this session, we dive deep into a range of automation use cases, including: AWS infrastructure creation; deployment of a shared service environment; onboarding of new/existing lines-of-business; and Integration with threat intelligence services such as Amazon GuardDuty. This session is brought to you by AWS partner, Palo Alto Networks.

AWS Podcast
#251: [Security and Compliance: GDPR Special#2] - Amazon GuardDuty

AWS Podcast

Play Episode Listen Later Jun 26, 2018 28:34


Amazon GuardDuty can be turned on with a single click and it doesn’t require deployment of software or security infrastructure. The service uses machine learning to monitor metadata for access activity, such as unusual API calls. GuardDuty also has threat detections that could be helpful to customers concerned with data privacy or facing regulations such as the EU’s General Data Privacy Regulation (GDPR). Listen to the podcast with Senior Product Manager Michael Fuller to learn how Amazon GuardDuty could be leveraged to meet your compliance considerations. https://aws.amazon.com/guardduty/ https://aws.amazon.com/compliance/gdpr-center/

AWS re:Invent 2017
SID218: NEW LAUNCH! Introduction to Amazon GuardDuty

AWS re:Invent 2017

Play Episode Listen Later Nov 30, 2017 50:43


Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. Enabled with a few clicks in the AWS Management Console, Amazon GuardDuty can immediately begin analyzing billions of events across your AWS accounts for signs of risk. It does not require you to deploy and maintain software or security infrastructure, meaning it can be enabled quickly with no risk of negatively impacting existing application workloads.

launch api aws enabled aws management console amazon guardduty