Podcasts about aws security hub

  • 20PODCASTS
  • 41EPISODES
  • 34mAVG DURATION
  • ?INFREQUENT EPISODES
  • Dec 4, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about aws security hub

Latest podcast episodes about aws security hub

Irish Tech News Audio Articles
ServiceNow and AWS expand strategic collaboration with new capabilities to accelerate AI transformation

Irish Tech News Audio Articles

Play Episode Listen Later Dec 4, 2024 6:24


ServiceNow (NYSE: NOW), the AI platform for business transformation, and Amazon Web Services (AWS) has announced an expanded strategic collaboration with new capabilities to accelerate AI-driven business transformation across every corner of the enterprise. A new connector enables the seamless use of multimodal models developed and trained on Amazon Bedrock for GenAI-powered workflows in the Now Platform. Additional automation solutions and integrations to seamlessly manage security incidents and procurement are now available on the AWS Marketplace. By deepening its collaboration with AWS and expanding geographically to Canada and Europe expected in 2025, the companies are supercharging value to customers across key industries, including telco, technology, financial services, education, and retail. Connecting Amazon Bedrock models to ServiceNow helps enterprises boost the development and deployment of GenAI solutions. The new connector allows customers to connect seamlessly to their choice of third-party models, based on their specific workflow needs, such as summarisation, advanced analytics, or code generation. Data remains private and secure through ServiceNow and AWS, and customers can set up the integration quickly and easily. "Our partnership with AWS is accelerating business transformation for our joint customers," said Paul Fipps, president of Strategic Accounts at ServiceNow. "More than ever before, organisations demand integrated, end-to-end solutions that enhance user experiences and optimise technology investments. Together, ServiceNow's GenAI workflows and AWS's next-gen cloud capabilities deliver on that promise." "We are committed to empowering our customers with the industry's best tools and resources by leveraging AWS Marketplace to build, deploy and scale GenAI," said Chris Grusz, Managing Director, Technology Partnerships, AWS. "Working with ServiceNow, we're helping our enterprise customers accelerate GenAI deployments and get the most value out of their cloud investments." Expanding integrated solutions, now available in AWS Marketplace ServiceNow is also announcing the availability of new solutions in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. ServiceNow Security Incident Response integration with AWS Security Hub: AWS Marketplace - Uses security findings from AWS Security Hub to automate the creation of security incidents in SecOps on the Now Platform, often resulting in faster, more efficient incident response and remediation. Resolved incidents and findings will then automatically be updated in AWS Security Hub. Integration with Amazon Business Procurement - Integrates Amazon Business procurement with ServiceNow Procurement Operations to enable greater visibility into approved suppliers, purchase requests, changes to prices, order confirmation, and shipping notifications. This streamlines the approval and onboarding of Amazon Business as a supplier for the enterprise and provides built-in governance and procurement policies for Now Platform users. Accelerating business outcomes, maximising cloud investment This announcement builds on ServiceNow and AWS's continued collaboration, bringing the advanced cloud capabilities of AWS to the innovative solutions on the Now Platform, helping customers accelerate business outcomes, realise cloud value, enhance digital experiences, and reimagine GenAI-powered workflows. A range of global enterprise customers, including Bell Canada, Boomi and Pearson are already seeing remarkable value and significant cost savings. Bell Canada "ServiceNow has become a cornerstone of Bell Canada's enterprise services strategy to streamline and enhance end-to-end processes," said John Watson, President, Bell Business Markets, AI and FX Innovation. "By harnessing the Now Platform's advanced automation and AI capabilities powered by AWS, we are dr...

cloudonaut
#086 Overwhelmed by Security Hub

cloudonaut

Play Episode Listen Later Feb 13, 2024 32:36


Andreas and Michael are sharing their learning while building on AWS. This episode is about AWS Security Hub and how to get any value out of the predefined security controls. Besides that, Andreas and Michael celebrate their 9th company anniversary by giving insights into their story. Last but not least, Andreas asks Michael about his thoughts on the latest AWS announcements.

Cloud Security Podcast
AWS reInvent 2023 - Security highlights and announcements

Cloud Security Podcast

Play Episode Listen Later Dec 5, 2023 56:00


Cloud Security Podcast just got back from AWS re:invent 2023, there was a lot of chat around, you guessed it - GenAI but along with that there were plenty of security updates and announcement. Shilpi and Ashish broke them all down for you and what it all actually means for all security practitioners. Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠ Questions asked: (00:00) Introduction (04:49) GenAI at AWS re:Invent (06:01) No new security service announced (06:48) Updates from CEO and CTO Keynotes (11:29) What is Amazon Inspector? (12:10) Amazon Inspector Security Updates (15:09) What is AWS Security Hub? (15:52) AWS Security Hub Security Updates (18:52) What is Amazon GuardDuty? (20:10) Amazon GuardDuty Security Updates (22:49) What is Amazon Detective? (23:45) Amazon Detective Security Updates (26:22) What is IAM Access Analyser? (28:06) IAM Access Analyser Security Updates (30:33) What is AWS Config? (31:25) AWS Config Security Updates (32:35) Other Security Updates (33:46) 3 Layers of AI (35:21) What is Amazon CodeWhisperer? (36:36) Amazon Application Composer (37:34) Guardrails for Bedrock (38:13) Amazon Q (41:17) Zero Trust (41:45) Ransomware (44:29) Security Talks (45:54) Input filtering and validation for WAF (50:31) Enterprise IAM and data perimeter (53:00) Conclusion and find out more! You can check out the Top announcements of AWS re:Invent 2023 + AWS re:Invent 2023 - Security Compliance & Identity

AWS Morning Brief
Protect Azure DevOps secrets? What a novel idea!

AWS Morning Brief

Play Episode Listen Later Jul 27, 2023 3:20


Last week in security news: A Guide to S3 Logging, Optimize AWS Config for AWS Security Hub, Amazon Told Drivers Not to Worry About In-Van Surveillance Cameras. Now Footage Is Leaking Online, and More!Links: Guide to S3 Logging  Good on JumpCloud for disclosing a breach by some state-backed APT hacking group, but I learned about it from this article, and I'm a JumpCloud customer. Charlie Bel issued a security roadmap for Microsoft: Protect Azure DevOps secrets is the first item on it. What a novel idea! Amazon Told Drivers Not to Worry About In-Van Surveillance Cameras. Now Footage Is Leaking Online Yes, the compromised Microsoft key that they glossed over is incredibly important and Microsoft is downplaying it something fierce. Optimize AWS Config for AWS Security Hub to effectively manage your cloud security posture Tool of the Week: IAMActionHunter lets you query IAM permission policies

The Cloud Pod
216: The Cloud Pod is Feeling Elevated Enough to Record the Podcast

The Cloud Pod

Play Episode Listen Later Jun 30, 2023 30:53


Welcome to the newest episode of The Cloud Pod podcast - where the forecast is always cloudy! Today your hosts are Jonathan and Matt as we discuss all things cloud and AI, including Temporary Elevated Access Management (or TEAM, since we REALLY like acronyms today)  FTP servers, SQL servers and all the other servers, as well as pipelines, whether or not the government should regulate AI (spoiler alert: the AI companies don't think so) and some updates to security at Amazon and Google.  Titles we almost went with this week: The Cloud Pod's FTP server now with post-quantum keys support The CloudPod can now Team into your account, but only temporarily  The CloudPod dusts off their old floppy drive  The CloudPod dusts off their old SQL server disks The CloudPod is feeling temporarily elevated to do a podcast The CloudPod promise that AI will not take over the world The CloudPod duals with keys The CloudPod is feeling temporarily elevated. A big thanks to this week's sponsor: Foghorn Consulting, provides top-notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you have trouble hiring?  Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week.

The Cloud Pod
214: The Cloud Pod Loves Inspector Gadget

The Cloud Pod

Play Episode Listen Later Jun 5, 2023 60:42


The Cloud Pod
208: Azure AI Lost in Space

The Cloud Pod

Play Episode Listen Later Apr 21, 2023 57:43


Welcome to the newest episode of The Cloud Pod podcast! Justin, Ryan and Matthew are your hosts this week as we discuss all the latest news and announcements in the world of the cloud and AI. Do people really love Matt's Azure know-how? Can Google make Bard fit into literally everything they make? What's the latest with Azure AI and their space collaborations? Let's find out! Titles we almost went with this week: Clouds in Space, Fictional Realms of Oracles, Oh My.  The cloudpod streams lambda to the cloud A big thanks to this week's sponsor:  Foghorn Consulting, provides top-notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you have trouble hiring?  Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week.

Le Podcast AWS en Français
Quoi de neuf ?

Le Podcast AWS en Français

Play Episode Listen Later Dec 30, 2022 13:13


Le dernier podcast

Le Podcast AWS en Français
Quoi de neuf ?

Le Podcast AWS en Français

Play Episode Listen Later Dec 30, 2022 13:13


Le dernier podcast

AWS Morning Brief
Censoring Myself Out of Pure Self-Interest

AWS Morning Brief

Play Episode Listen Later Dec 15, 2022 4:35


Links: Infosys leaked FullAdminAccess AWS keys on PyPi for over a year. Rackspace has suffered a ransomware attack  AWS Security Hub now integrates with AWS Control Tower AWS Verified Access Preview — VPN-less Secure Network Access to Corporate Applications The Open Source Security Index 

The Tech Blog Writer Podcast
2203: Cloud Security Orchestration and Remediation

The Tech Blog Writer Podcast

Play Episode Listen Later Dec 13, 2022 22:47


Visibility and detection tools such as Orca, AWS Security Hub, Wiz, Lacework, and others revolutionized cloud security assessment and analysis, inching the world of SecOps towards remediation. The transformation they introduced to risk prioritization and assessment in the cloud brought to the surface valuable indications and alerts that required the attention of security teams. SecOps teams are now swamped with a growing number of security findings but no comprehensive tools or streamlined processes to remediate them. Opus is filling that gap. Meny Har witnessed firsthand the growing need for SecOps orchestration in cloud security remediation. Listen in as Meny shares with me how they have built a solution that will do for cloud SecOps remediation what Orca, Wiz, and others did for cloud risk detection and prioritization. Opus strives to transform cloud SecOps by enabling organizations to effectively respond and remediate in the cloud. About Opus Opus Security is a Cloud Security Orchestration and Remediation startup emerging from stealth with funding in the double-digit millions led by YL Ventures, Tiger Global, and big-name security executives and serial entrepreneurs, including the CEOs of CrowdStrike and Cyber Ark. The co-founders, are experienced, successful executives who come out of Siemplify, acquired by Google in Jan. to boost SecOps. Tech Talks Daily Podcast Sponsor Check out Flippa, who is the show sponsor in December. Find out more information at https://flippa.com/tech-talks

The Cloud Pod
180: Azure Data Explorer Says ‘All Your S3 Data are Belong to Us'

The Cloud Pod

Play Episode Listen Later Sep 9, 2022 46:00


On The Cloud Pod this week, Amazon adds the ability to embed fine-grained visualizations directly onto web pages, Google offers pay-as-you-go pricing for Apigee customers, and Microsoft launches Arm-based Azure VMs that are powered by ampere chips. Thank you to our sponsor, Foghorn Consulting, which provides top notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you're having trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week. Episode Highlights ⏰  Fine-grained visualizations can now be embedded directly into your webpages and applications ⏰  Google is now offering pay-as-you-go pricing for its Apigee API customers ⏰  Microsoft launches Arm-based Azure VMs powered by ampere chips Top Quote

The Cloud Pod
173: Oracle Begins Its Invasion of Sovereign Nations

The Cloud Pod

Play Episode Listen Later Jul 21, 2022 61:43


On The Cloud Pod this week, the team discusses shorting Jim Chanos amid the great cloud giant vs. colo standoff. Plus: Google prepares for a post-quantum world, Amazon EC2 M1 Mac instances are now generally available, and master of marketing Oracle introduces sovereign cloud regions for the European Union. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

Cloud Posse DevOps
Cloud Posse DevOps "Office Hours" (2022-04-20)

Cloud Posse DevOps "Office Hours" Podcast

Play Episode Listen Later Apr 20, 2022 56:02


Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have. You can register here: https://cloudposse.com/office-hoursJoin the conversation: https://slack.cloudposse.com/Find out how we can help your company:https://cloudposse.com/quizhttps://cloudposse.com/accelerate/Learn more about Cloud Posse:https://cloudposse.comhttps://github.com/cloudpossehttps://sweetops.com/https://newsletter.cloudposse.comhttps://podcast.cloudposse.com/[00:00:00] Intro[00:01:22] Terraform Experiment Update: Optional arguments in object variable type definitionhttps://github.com/hashicorp/terraform/issues/19898#issuecomment-1101853833[00:02:22] GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens (from Heroku & TravisCI)https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html[00:05:53] Terraform Data Source for AWS Pricing Datahttps://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/pricing_product[00:06:26] How to Make 100K/year on GitHub Sponsorshttps://calebporzio.com/i-just-hit-dollar-100000yr-on-github-sponsors-heres-how-i-did-it[00:13:20] AWS Security Hub adds cross-Region security scores and compliance statuseshttps://aws.amazon.com/about-aws/whats-new/2022/04/aws-security-hub-cross-region-security-scores-compliance-statuses/[00:15:58] FYI, AWS Single Sign-On is now HIPAA eligiblehttps://aws.amazon.com/about-aws/whats-new/2022/04/aws-single-sign-on-hipaa-eligible/[00:17:00] AWS Shield adds automatic application-layer DDoS mitigation for ALBs with WAFhttps://aws.amazon.com/about-aws/whats-new/2022/04/aws-shield-application-balancer-automatic-ddos-mitigation/[00:23:01] Terraform + GitHub Actions & OIDC (via weekly.tf)https://blog.symops.com/2022/04/14/terraform-pipeline-with-github-actions-and-github-oidc-for-aws/[00:24:03] Hierarchical YAML Configurations in Terraformhttps://github.com/lyraproj/hiera[00:28:08] Rare Leakage of an S3 Stack Trace[00:30:21] Cloud Posse “Activation Days”? Who is interested….[00:32:27] What kind of a git repo structure do you recommend if I want to separate my terraform modules in repository?[00:39:48] Are there any examples on the use of helmfile that showcase how one might use it in a "bigger" situation?[00:54:53] Outro #officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#awsSupport the show (https://cloudposse.com/office-hours/)

Cloud Security News
AWS Security Hub releases 5 new controls + Latest with Spring4shell

Cloud Security News

Play Episode Listen Later Apr 13, 2022 5:24


Cloud Security News this week 12 April 2022 Brought to you this week by Teleport To read more about this week's stories head to https://cloudsecuritypodcast.tv/cloud-security-news/ Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News

AWS Morning Brief
The Perils of Bad Corporate Comms

AWS Morning Brief

Play Episode Listen Later Mar 31, 2022 6:59


Links: their investigation of the January 2022 Okta compromise: https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/ You know it's a legit AWS email because the instructions are very bad: https://Twitter.com/0xdabbad00/status/1506258309715673089 sabotaged their own package: https://www.bleepingcomputer.com/news/security/big-sabotage-famous-npm-package-deletes-files-to-protest-ukraine-war/ “AWS IAM Demystified”: https://www.daan.fyi/writings/iam from a third-party: https://www.opsmorph.com/Blog/usergroupspoofing “Generate logon messages for security and compliance in Amazon WorkSpaces.”: https://aws.amazon.com/blogs/desktop-and-application-streaming/generate-logon-messages-for-security-and-compliance-in-amazon-windows-workspaces/ “Ransomware mitigation: Using Amazon WorkDocs to protect end-user data”: https://aws.amazon.com/blogs/security/ransomware-mitigation-using-amazon-workdocs-to-protect-end-user-data/ “CVE-2022-0778 awareness”: https://aws.amazon.com/security/security-bulletins/AWS-2022-003/ ElectricEye: https://github.com/jonrau1/ElectricEye TranscriptCorey: This is the AWS Morning Brief: Security Edition. AWS is fond of saying security is job zero. That means it's nobody in particular's job, which means it falls to the rest of us. Just the news you need to know, none of the fluff.Corey: Today's episode is brought to you in part by our friends at MinIO the high-performance Kubernetes native object store that's built for the multi-cloud, creating a consistent data storage layer for your public cloud instances, your private cloud instances, and even your edge instances, depending upon what the heck you're defining those as, which depends probably on where you work. It's getting that unified is one of the greatest challenges facing developers and architects today. It requires S3 compatibility, enterprise-grade security and resiliency, the speed to run any workload, and the footprint to run anywhere, and that's exactly what MinIO offers. With superb read speeds in excess of 360 gigs and 100-megabyte binary that doesn't eat all the data you've gotten on the system, it's exactly what you've been looking for. Check it out today at min.io/download, and see for yourself. That's min.io/download, and be sure to tell them that I sent you.Corey: The Okta breach continues to reverberate. As of this recording, the real damage remains the lack of clear, concise, and upfront communication about this. It's become very clear that had the Lapsus$ folks not gone public about the breach, Okta certainly never would have either.Now, from the community. Let's see what they had to say. Cloudflare has posted the results of their investigation of the January 2022 Okta compromise to their blog post and I have a few things I want to say about it.First, I love that they do this. I would be a bit annoyed at them taking digs at other companies except for the part where they're at least as rigorous in investigations that they post about their own security and uptime challenges. Secondly, they've been levelheaded and remarkably clear in their communication around the issue which only really affects them as an Okta customer. Okta themselves have issued a baffling series of contradicting claims. Regardless of the truth of what happened from a security point of view, the lack of ability to quickly and clearly articulate the situation means that Okta is now under a microscope for folks who care about security—which basically rounds to every last one of their customers.Now, I generally don't talk too much about tweets because this is Twitter revisited as a general rule, but Scott Piper had an issue about trying to keep his flaws.cloud thing open, and he got an account being closed down notice from AWS. And a phrase he used that I loved was, “You know it's a legit AWS email because the instructions are very bad.”I really can't stress enough that while clear communication is always a virtue, circumstances involving InfoSec, fraud, account closures, and similar should all be ones in which particular care is taken to exactly what you say and how you say it.An NPM package maintainer sabotaged their own package to protest the war in Ukraine, which is a less legitimate form of protest than many others. There's never been a better time to make sure you're pinning dependencies in your various projects.It's always worth reading an article titled “AWS IAM Demystified” because it's mystifying unless you're one of a very small number of people. I learned new things myself by doing that and you probably will too.And oof. A while back Cognito User Groups apparently didn't have delimiter detection working quite right. As a result, you could potentially get access to groups you weren't supposed to be part of. While AWS did update some of their documentation and fix the problem, it's a security issue without provable customer impact, so of course, we're learning about it from a third-party: Opsmorph in this case. Good find.Corey: This episode is sponsored in part by LaunchDarkly. Take a look at what it takes to get your code into production. I'm going to just guess that it's awful because it's always awful. No one loves their deployment process. What if launching new features didn't require you to do a full-on code and possibly infrastructure deploy? What if you could test on a small subset of users and then roll it back immediately if results aren't what you expect? LaunchDarkly does exactly this. To learn more, visit launchdarkly.com and tell them Corey sent you, and watch for the wince.Corey: Now, from the mouth of the AWS horse itself, “Generate logon messages for security and compliance in Amazon WorkSpaces.” for compliance, sure. For security, can you name a single security benefit to having a logon message greet users? “It reminds them that—” Yeah, yeah, nobody reads the popup ever again after the first time, and not always the first time either. Security is important—and fatiguing your users into not reading pop-up messages that don't respect their time is a great way to teach them to ignore you. Don't do it.“Ransomware mitigation: Using Amazon WorkDocs to protect end-user data”. Security through obscurity has been thoroughly debunked by security professionals everywhere, but I still can't help but think that WorkDocs is so narrowly deployed in the industry that it's never really caught the attention of bad actors.And “CVE-2022-0778 awareness”. Cross-account access between their customers, AWS is largely silent about, but an OpenSSL issue, “In which a certificate containing invalid explicit curve parameters can cause a Denial of Service (DoS) by triggering an infinite logic loop” is clearly Not Their Fault, so of course, this is the thing that gets a rather rare security bulletin from them. Of course, as of the time of recording this, it hadn't been updated past an initial ‘we're aware of the issue.'And in the world of tools, ElectricEye is a set of Python scripts—affectionately called Auditors—that continuously monitor your AWS infrastructure looking for configurations related to confidentiality, integrity, and availability that align, or don't align—the other way—with AWS best practices. The fact that it's open-source and free is eyebrow-raising because usually things that do this cost thousands and thousands of dollars. ElectricEye instead leaves that part to AWS Security Hub itself. And that's what happened last week in the wide world of AWS. I'm Corey Quinn, thanks for listening.Corey: Thank you for listening to the AWS Morning Brief: Security Edition with the latest in AWS security that actually matters. Please follow AWS Morning Brief on Apple Podcast, Spotify, Overcast—or wherever the hell it is you find the dulcet tones of my voice—and be sure to sign up for the Last Week in AWS newsletter at lastweekinaws.com.Announcer: This has been a HumblePod production. Stay humble.

The Cloud Pod
150: The Cloud Pod Exfiltrates Jonathan's Credentials

The Cloud Pod

Play Episode Listen Later Feb 3, 2022 36:45


On The Cloud Pod this week, Jonathan is still AWOL. Also Amazon is on GuardDuty with credential exfiltration, Google Cloud Deploy is generally available, and Azure is suffering from more serious DDoS attacks.  A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights

Cloud Security News
10 November, 2021 - Secure AWS + Azure from one Place, Better Linux Security support on Azure

Cloud Security News

Play Episode Listen Later Nov 10, 2021 3:58


Cloud Security News this week 10 November 2021 Microsoft is extending its native cloud security posture management (CSPM) and workload protection capabilities to Amazon Web Services (AWS) - yes you heard that right! within a suite called Microsoft Defender for Cloud. This was previously know as Azure Security Center and Azure Defender At their annual conference Ignite 2021, their focus was enterprise cloud protection, specially multi cloud environments. Microsoft Defender for Cloud will now let organizations secure AWS and Azure environments from one place without depending on the AWS Security Hub. We will bring you the highlights from Ignite 2021 next week, you can check out the event virtually here For folks who have been waiting on better security services support for Linux on Microsoft Azure - they recently announced the expansion of the Defender for Endpoint on Linux capabilities. Defender for Endpoint is a cloud-based product that includes vulnerability management and assessment, and endpoint detection and response (EDR) on Linux servers. Are you wondering about Oracle Cloud and what they are upto? Oracle Cloud most recently trying to stand out amongst its competitors by broadening the range of built-in and add-on cybersecurity features in Oracle Cloud Infrastructure. Oracle said the new features are intended not only to simplify management but also to address the problem misconfiguration and user error. If you want to find out more - you can check out their new Oracle Cloud Infrastructure Web Application Firewall for Flexible Load Balancers, Oracle Cloud Infrastructure Vulnerability Scanning Service, Oracle Cloud Infrastructure Bastion and Oracle Cloud Infrastructure Certificates If you use Crowdstrike, this ones for you. The popular real-time detection and automated response software, Crowstrike is making some big moves in the Cloud Space, doubling down on zero trust. The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement. Read more here If you have been reading about Robinhood being hacked, this one wasn't a cloud security breach however a good old social engineering attack which if your interested to know more about, you can read here Episode Show Notes on Cloud Security Podcast Website. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

Cloud Security Podcast
Microsoft releases CSPM for AWS & More Linux Security Support on Azure

Cloud Security Podcast

Play Episode Listen Later Nov 10, 2021 3:59


Cloud Security News this week 10 November 2021 Microsoft is extending its native cloud security posture management (CSPM) and workload protection capabilities to Amazon Web Services (AWS) - yes you heard that right! within a suite called Microsoft Defender for Cloud. This was previously know as Azure Security Center and Azure Defender At their annual conference Ignite 2021, their focus was enterprise cloud protection, specially multi cloud environments. Microsoft Defender for Cloud will now let organizations secure AWS and Azure environments from one place without depending on the AWS Security Hub. We will bring you the highlights from Ignite 2021 next week, you can check out the event virtually here For folks who have been waiting on better security services support for Linux on Microsoft Azure - they recently announced the expansion of the Defender for Endpoint on Linux capabilities. Defender for Endpoint is a cloud-based product that includes vulnerability management and assessment, and endpoint detection and response (EDR) on Linux servers. Are you wondering about Oracle Cloud and what they are upto? Oracle Cloud most recently trying to stand out amongst its competitors by broadening the range of built-in and add-on cybersecurity features in Oracle Cloud Infrastructure. Oracle said the new features are intended not only to simplify management but also to address the problem misconfiguration and user error. If you want to find out more - you can check out their new Oracle Cloud Infrastructure Web Application Firewall for Flexible Load Balancers, Oracle Cloud Infrastructure Vulnerability Scanning Service, Oracle Cloud Infrastructure Bastion and Oracle Cloud Infrastructure Certificates If you use Crowdstrike, this ones for you. The popular real-time detection and automated response software, Crowstrike is making some big moves in the Cloud Space, doubling down on zero trust. The National Security Agency (NSA) and CISA have published the first of a four-part series, Security Guidance for 5G Cloud Infrastructures. Security Guidance for 5G Cloud Infrastructures – Part I: Prevent and Detect Lateral Movement. Read more here If you have been reading about Robinhood being hacked, this one wasn't a cloud security breach however a good old social engineering attack which if your interested to know more about, you can read here Episode Show Notes on Cloud Security Podcast Website. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:

The Cloud Pod
Ep141: The Cloud Pod Wears Gaudi Outfits for Amazon's New Deep Learning Accelerator

The Cloud Pod

Play Episode Listen Later Nov 5, 2021 64:13


On The Cloud Pod this week, half the team misses Rob and Ben. Also, AWS Gaudi Accelerators speed up deep learning, GCP announces that its Tau VMs are an independently verified delight, and Azure gets the chance to be Number One for once (with industrial IoT platforms.) A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. JumpCloud, which offers a complete platform for identity, access, and device management — no matter where your users and devices are located.  This week's highlights

AWS Morning Brief
Security Awareness Training in Five Minutes

AWS Morning Brief

Play Episode Listen Later Nov 4, 2021 7:16


Links: re:Quinnvent: https://requinnvent.com Don't be surprised when ‘move fast and break things' results in broken stuff: https://cloudpundit.com/2021/10/27/dont-be-surprised-when-move-fast-and-break-things-results-in-broken-stuff/ Twitter thread: https://Twitter.com/quinnypig/status/1453214680764219392 Correlate security findings with AWS Security Hub and Amazon EventBridge: https://aws.amazon.com/blogs/security/correlate-security-findings-with-aws-security-hub-and-amazon-eventbridge/ Three ways to improve your cybersecurity awareness program: https://aws.amazon.com/blogs/security/three-ways-to-improve-your-cybersecurity-awareness-program/ Amazon releases free cybersecurity awareness training: https://www.aboutamazon.com/news/community/amazon-releases-free-cybersecurity-awareness-training Quiet Riot: https://blog.traingrc.com/introducing-quiet-riot-c595cfa629e AWS inventory collection tool: https://github.com/darkbitio/aws-recon Deploys a Lambda: https://github.com/fivexl/Terraform-aws-CloudTrail-to-Slack TranscriptCorey: This is the AWS Morning Brief: Security Edition. AWS is fond of saying security is job zero. That means it's nobody in particular's job, which means it falls to the rest of us. Just the news you need to know, none of the fluff.Corey: This episode is sponsored in part by Liquibase. If you're anything like me, you've screwed up the database part of a deployment so severely that you've been banned from ever touching anything that remotely sounds like SQL at least three different companies. We've mostly got code deployment solved for, but when it comes to databases, we basically rely on desperate hope, with a rollback plan of keeping our resumes up to date. It doesn't have to be that way. Meet Liquibase. It's both an open-source project and a commercial offering. Liquibase lets you track, modify, and automate database schema changes across almost any database, with guardrails that ensure you'll still have a company left after you deploy the change. No matter where your database lives, Liquibase can help you solve your database deployment issues. Check them out today at liquibase.com. Offer does not apply to Route 53.Corey: I'll be hosting a drinkup-slash-meetup at Optimism Brewery in Seattle tonight at 7 p.m. if you're in town, stop on by and let me buy you a drink. And of course, re:Quinnvent approaches if you're interested in keeping up with what my nonsense looks like, check out requinnvent.com.Corey: Let's see what happened in the world of security last week. Lydia Leong of Gartner has been on a tear lately. Don't be surprised when ‘move fast and break things' results in broken stuff is her latest and an important read. The goal isn't to slow things down; it's to build guardrails that mean you can move fast, safely. That's the goal of security, to provide safety, not impenetrable blockers to getting work done. Forget this at your own peril.I also wrote my own Security Awareness Training in the form of a Twitter thread. It's like a normal version except it's funny. Don't discount that, though; it's not a joke. If you make people laugh, you've gotten their attention. If you have their attention, then you've got a chance to teach them something.What'd AWS have to say about security last week? Correlate security findings with AWS Security Hub and Amazon EventBridge. So, let me get this straight. AWS sells and charges for Amazon GuardDuty, Amazon Macie, Amazon Inspector, and Amazon Detective, but still wants you to wire stuff together yourself in order to correlate events? How are they so good at the technology bits and so very bad at the ‘tying it all together with a neat presentation' part?Corey: This episode is sponsored in part by something new. Cloud Academy is a training platform built on two primary goals: having the highest quality content in tech and cloud skills, and building a good community that is rich and full of IT and engineering professionals. You wouldn't think those things go together, but sometimes they do. It's both useful for individuals and large enterprises, but here's what makes this something new—I don't use that term lightly—Cloud Academy invites you to showcase just how good your AWS skills are. For the next four weeks, you'll have a chance to prove yourself. Compete in four unique lab challenges where they'll be awarding more than $2,000 in cash and prizes. I'm not kidding: first place is a thousand bucks. Pre-register for the first challenge now, one that I picked out myself on Amazon SNS image resizing, by visiting cloudacademy.com/corey—C-O-R-E-Y. That's cloudacademy.com/corey. We're going to have some fun with this one.Three ways to improve your cybersecurity awareness program. It would seem that one of them isn't, “Google for ‘Azure Security September' and stand back.” I like the three points—which are: to be sure to articulate personal value, be inclusive, and weave it into workflows—because they're not technical, they're psychological. That's where security, just like cloud economics, starts and stops. It's people more than it is computers.And Amazon releases free cybersecurity awareness training. Unfortunately, the transcript is all of 700 words long. This is a problem. Part of the reason you have a program to train staff on cybersecurity awareness is so you can make a good-faith argument that when you inevitably suffer an attack, you'd done all that you could to train folks on proper security behaviors. Unfortunately, a training program that's made of fewer words than this podcast episode seems unlikely to be convincing.And now to the tool. Remember when I talked about being able to enumerate roles and account IDs via public calls, but AWS said it wasn't a problem? Meet Quiet Riot, a tool built to do exactly that in bulk. This is going to be a problem that AWS will have to acknowledge at some point. It's your move, folks.An AWS inventory collection tool called aws-recon that focuses on security-relevant metadata is a useful thing to have. The first and surprisingly difficult step of securing a cloud environment is understanding and enumerating what the heck's running inside of it. I'm astounded that the only first-party answer to this remains ‘the bill.'And finally, I found a Terraform module that deploys a Lambda to watch CloudTrail and report to Slack—got all that? Good lord—whenever certain things happen. Those things include root logins, console logins without MFA, API calls that failed due to lack of permissions, and more. This might get noisy, but I'd consider deploying at least the big important ones.And that's what happened last week in AWS security. I'll talk to you next week.Corey: I have been your host, Corey Quinn, and if you remember nothing else, it's that when you don't get what you want, you get experience instead. Let my experience guide you with the things you need to know in the AWS security world, so you can get back to doing your actual job. Thank you for listening to the AWS Morning Brief: Security Editionwith the latest in AWS security that actually matters. Please follow AWS Morning Brief on Apple Podcast, Spotify, Overcast—or wherever the hell it is you find the dulcet tones of my voice—and be sure to sign up for the Last Week in AWS newsletter at lastweekinaws.com.Announcer: This has been a HumblePod production. Stay humble.

AWS - Il podcast in italiano
10 modi per mantenere in sicurezza i dati su Amazon S3

AWS - Il podcast in italiano

Play Episode Listen Later Oct 25, 2021 21:59


Amazon S3 gestisce più di 100 trilioni di oggetti, coprendo decine di casi d'uso per i quali è importante gestire la sicurezza in modo efficiente ed automatizzato. In questo episodio vediamo le funzionalità native di S3 e le principali integrazioni con altri servizi che vi aiutano ad archiviare i vostri dati in sicurezza su S3 e a mantenerli sicuri nel tempo in modo efficiente ed economico. Parleremo delle service control policy, del principio di least-privilege, del versioning, della replicazione su più region, delle varie modalità di cifratura e delle integrazioni con AWS GuardDuty, Amazon Macie ed AWS Security Hub. Link: Gestione della sicurezza e degli accessi ad Amazon S3.

AWS Morning Brief
AWS Security is Twitching

AWS Morning Brief

Play Episode Listen Later Oct 14, 2021 8:20


Links: Disclosed a nasty auto-delete bug: https://arstechnica.com/information-technology/2021/10/researcher-refuses-telegrams-bounty-award-discloses-auto-delete-bug/ Enroll basically all of it's users: https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/ Worth taking a look: https://labs.bishopfox.com/tech-blog/IAM-vulnerable-assessing-the-aws-assessment-tools Enumerate those yourself: https://www.hezmatt.org/~mpalmer/blog/2021/10/07/enumerating-aws-iam-accounts.html AWS Access Keys: https://www.nojones.net/posts/aws-access-keys-a-reference/ Routes billions of text messages: https://www.vice.com/en/article/z3xpm8/company-that-routes-billions-of-text-messages-quietly-says-it-was-hacked “Enabling Data Classification for Amazon RDS database with Amazon Macie”: https://aws.amazon.com/blogs/security/enabling-data-classification-for-amazon-rds-database-with-amazon-macie/ “How to set up a two-way integration between AWS Security Hub and Jira Service Management”: https://aws.amazon.com/blogs/security/how-to-set-up-a-two-way-integration-between-aws-security-hub-and-jira-service-management/ “Update the alternate security contact across your AWS accounts for timely security notifications”: https://aws.amazon.com/blogs/security/update-the-alternate-security-contact-across-your-aws-accounts-for-timely-security-notifications/ CloudSploit: https://github.com/aquasecurity/cloudsploit TranscriptCorey: This is the AWS Morning Brief: Security Edition. AWS is fond of saying security is job zero. That means it's nobody in particular's job, which means it falls to the rest of us. Just the news you need to know, none of the fluff.Corey: This episode is sponsored in part by Thinkst Canary. This might take a little bit to explain, so bear with me. I linked against an early version of their tool, canarytokens.org, in the very early days of my newsletter, and what it does is relatively simple and straightforward. It winds up embedding credentials, files, or anything else like that that you can generate in various parts of your environment, wherever you want them to live. It gives you fake AWS API credentials, for example, and the only thing that these things do is alert you whenever someone attempts to use them. It's an awesome approach to detecting breaches. I've used something similar for years myself before I found them. Check them out. But wait, there's more because they also have an enterprise option that you should be very much aware of: canary.tools. You can take a look at this, but what it does is it provides an enterprise approach to drive these things throughout your entire environment and manage them centrally. You can get a physical device that hangs out on your network and impersonates whatever you want to. When it gets Nmap scanned, or someone attempts to log into it, or access files that it presents on a fake file store, you get instant alerts. It's awesome. If you don't do something like this, instead you're likely to find out that you've gotten breached the very hard way. So, check it out. It's one of those few things that I look at and say, “Wow, that is an amazing idea. I am so glad I found them. I love it.” Again, those URLs are canarytokens.org and canary.tools. And the first one is free because of course it is. The second one is enterprise-y. You'll know which one of those you fall into. Take a look. I'm a big fan. More to come from Thinkst Canary in the weeks ahead.Corey: To begin with, the big news is that week is the week of the year in which the Last Week in AWS charity shirt is available for sale. All proceeds to benefit 826 National. To get your snarky, sarcastic shirt, “The AWS Status Page,” this year, visit lastweekinaws.com/charityshirt and thank you in advance for your support.Now, last week's big security news was about Amazon's subsidiary, Twitch—or Twetch, depending upon pronunciation. It had a bunch of its code repos and streamer payouts leaked. Given that they are in fact an Amazon company largely hosted on AWS, you know, except for the streaming parts; are you a lunatic? That would cost ALL the money—this makes it tricky for AWS to message this as not their problem as per their vaunted Shared Responsibility Model. What's the takeaway? Too soon to say but, ouch.From the community. Telegram offered a researcher a €1,000 bounty, which is just insultingly small. The researcher said, “Not so much,” and disclosed a nasty auto-delete bug. If you're going to run a bug bounty program, ensure that you're paying researchers enough money to incentivize them to come forward and deal with your no-doubt obnoxious disclosure process.You can expect a whole bunch of people who don't care about security to suddenly be asking fun questions as Google prepares to enroll basically all of its users into two-factor-auth. Good move, but heads up, support folks.I found a detailed analysis of AWS account assessment tools. These use things like CloudSploit, which I'll talk about in a bit, IAM Vulnerable, et cetera. Fundamentally, they all look at slightly different things; they're also all largely the same, but it might be worth taking a look.AWS has made statements indicating that they don't believe that enumerating which IAM accounts exist in a given AWS account is a security risk, so someone has put out a great technique you can use to enumerate those yourself. Why not, since Amazon doesn't find this to be a problem.A reference to the various kinds of AWS Access Keys is also something I found relatively handy because I hadn't seen this ever explained before. It taught me a lot about the different kinds of key nonsense that I encounter in the wild from time to time. Take a look, it's worth the read.It didn't get a lot of attention in the press due to, you know, things last week, but a company that routes billions of text messages said that it was hacked. It's worth pointing out that SMS is a garbage second-factor, just because how lax security around it is. I'm a big believer in hardware keys like Yubikeys for important stuff, and an app like Authy or Google Authenticator for less important or shared accounts.I know, you shouldn't be sharing accounts; as soon as you come up with a better way for multiple people in different locations to do things that require root credentials in an AWS account, do let me know. Back to my point; treat SMS as a second factor only as better than nothing, not a serious security bulwark when it matters.Three things came out from the mouth of AWS horse last week. “Enabling Data Classification for Amazon RDS database with Amazon Macie.” While the idea of streaming from a relational database through a bunch of wildly expensive AWS services is of course ludicrous, the actual value of knowing what the data classification in your database is can't be understated.The best practice pattern here is to make sure that you're bounding the truly sensitive stuff to its own location. For instance, instead of storing credit card information in ‘the database'; have a token that references a completely separate database that contains that information that's severely locked down; that way any random business query doesn't return sensitive data, and you can restrict access to that data to only the queries or groups or situations that require it. Note that this is only an example and you should not in fact be storing credit card numbers yourself. Good God.Announcer: Have you implemented industry best practices for securely accessing SSH servers, databases, or Kubernetes? It takes time and expertise to set up. Teleport makes it easy. It is an identity-aware access proxy that brings automatically expiring credentials for everything you need, including role-based access controls, access requests, and the audit log. It helps prevent data exfiltration and helps implement PCI and FedRAMP compliance. And best of all, Teleport is open-source and a pleasure to use. Download Teleport at goteleport.com. That's goteleport.com.Corey: “How to set up a two-way integration between AWS Security Hub and Jira Service Management.” Now, I'm not a big fan of either Jira or Security Hub, but integrating whatever it is that finds alerts into something that reports them to someone empowered to do something about them is kind of important. You've got to tune it, though. “Someone visited your website,” showing up 3000 times in an hour is going to be very noisy, and mask alerts of the form, “Your database is open to the world.”They also talk about how to “Update the alternate security contact across your AWS accounts for timely security notifications.” You definitely want to ensure that every AWS account in your cloud estate has the right addresses here configured, and hope that someone who's compromised your accounts doesn't use this API to simply change them back again. It'll stop you from doing that, right? Right? Hello?And finally, MetaSploit is famous as an exploitation toolkit for systems. CloudSploit is attempting to be the same thing, only for cloud accounts. It's not something you'll likely use day-to-day, but it is a great way to spend an afternoon tinkering while also learning new things. And that's what happened Last Week in AWS: Security. Thank you for listening and once again, I ask you, go ahead and visit lastweekinaws.com/charityshirt and get yours today.Corey: I have been your host, Corey Quinn, and if you remember nothing else, it's that when you don't get what you want, you get experience instead. Let my experience guide you with the things you need to know in the AWS security world, so you can get back to doing your actual job. Thank you for listening to the AWS Morning Brief: Security Edition.

Melbourne AWS User Group
What's New in April 2021

Melbourne AWS User Group

Play Episode Listen Later Jun 28, 2021 74:44


Setting a new record for delay in editing, you can finally listen to Arjen, JM, and Guy discuss the news from April 2021. This was recorded nearly two months before it was released. News Finally in Sydney Amazon Transcribe Custom Language Models now support Australian English, British English, Hindi and US Spanish Multi-Attach for Provisioned IOPS io2 Now Available in Thirteen Additional AWS Regions AWS Transit Gateway Connect is now available in additional AWS Regions AWS CloudShell is now available in the Asia Pacific (Mumbai), Asia Pacific (Sydney), and Europe (Frankfurt) regions Serverless API Gateway Amazon API Gateway custom domain names now support multi-level base path mappings Lambda AWS Lambda@Edge changes duration billing granularity from 50ms down to 1ms Amazon CloudWatch Lambda Insights Now Supports AWS Lambda Container Images (General Availability) Amazon RDS for PostgreSQL Integrates with AWS Lambda AWS Lambda@Edge now supports Node 14.x Step Functions AWS Step Functions adds new data flow simulator for modelling input and output processing EventBridge Amazon EventBridge introduces support for cross-Region event bus targets AWS Chatbot now expands coverage of AWS Services monitored through Amazon EventBridge Amplify Data management is now generally available in the AWS Amplify Admin UI Amplify iOS now available via Swift Package Manager (SPM) AWS Amplify now orchestrates multiple Amazon DynamoDB GSI updates in a single deployment Containers eksctl now supports creating node groups using resource specifications and dry run mode AWS Secrets Manager Delivers Provider for Kubernetes Secrets Store CSI Driver EC2 & VPC Amazon EC2 Auto Scaling introduces Warm Pools to accelerate scale out while saving money Amazon VPC Flow Logs announces out-of-the-box integration with Amazon Athena MacSec Encryption for some Direct Connect (apologies, linking to this prevents the podcast from getting published :shrug:) New AWS Storage Gateway management console simplifies gateway creation and management AWS Batch now supports EFS volumes at the job level AWS Backup now supports cost allocation tags for Amazon EFS Backups Internet Group Management Protocol (IGMP) Multicast on AWS Transit Gateway is now available in major AWS regions worldwide Amazon EC2 enables replacing root volumes for quick restoration and troubleshooting Announcing availability of Red Hat Enterprise Linux with High availability for Amazon EC2 AWS Nitro Enclaves now supports Windows operating system Dev & Ops Dev Amazon CodeGuru Reviewer Updates: New Predictable Pricing Model Up To 90% Lower and Python Support Moves to GA | AWS News Blog Now available credential profile support for AWS SSO and Assume Role with MFA in the AWS Toolkit for Visual Studio AWS CodeDeploy improves support for EC2 deployments with Auto Scaling Groups AWS SAM CLI now supports AWS CDK applications - public preview Better together: AWS SAM and AWS CDK | AWS Compute Blog Proton AWS Proton allows adding and removing instances from an existing service AWS Proton introduces customer-managed environments AWS Proton adds an API to cancel deployments CloudFormation You can now deploy CloudFormation Stacks concurrently across multiple AWS regions using AWS CloudFormation StackSets AWS CloudFormation Command Line Interface (CFN-CLI) now supports TypeScript AWS CloudFormation Modules now Provides YAML and Delimiter Support Now reference latest AWS Systems Manager parameter values in AWS CloudFormation templates without specifying parameter versions You can now use macros and transforms in CloudFormation templates to create AWS CloudFormation StackSets Control Tower AWS Control Tower introduces changes to preventive S3 guardrails and updates to S3 bucket encryption protocols AWS Control Tower now provides configurable naming during Landing Zone setup Systems Manager AWS Systems Manager Run Command now displays more logs and enables log download from the console AWS Systems Manager Parameter Store now supports easier public parameter discoverability Customers can now use ServiceNow to track operational items related to AWS resources AWS Systems Manager Parameter Store now supports removal of parameter labels AWS Systems Manager now supports Amazon Elastic Container Service clusters AWS Systems Manager OpsCenter and Explorer now integrate with AWS Security Hub for diagnosis and remediation of security findings Security Firewalls How to Get Started with Amazon Route 53 Resolver DNS Firewall for Amazon VPC | AWS News Blog Reduce Unwanted Traffic on Your Website with New AWS WAF Bot Control | AWS News Blog AWS Firewall Manager now supports centralized management of Amazon Route 53 Resolver DNS Firewall AWS Firewall Manager now supports centralized deployment of the new AWS WAF Bot Control across your organization AWS WAF now supports Labels to improve rule customization and reporting Identity Review last accessed information to identify unused EC2, IAM, and Lambda permissions and tighten access for your IAM roles AWS Identity and Access Management now makes it easier to relate a user's IAM role activity to their corporate identity Other AWS Config launches the ability to track and visualize compliance change history of conformance packs AWS Security Hub Automated Response & Remediation Solution adds support for AWS Foundational Security Best Practices standard You now can use AWS CloudTrail to log Amazon DynamoDB Streams data-plane API activity Data Storage & Processing Glue Detect outliers and use dedicated transforms to handle outliers in AWS Glue DataBrew AWS Glue DataBrew now supports time-based, pattern-based and customizable parameters to create dynamic datasets AWS announces preview of AWS Glue custom blueprints AWS Glue now supports cross-account reads from Amazon Kinesis Data Streams AWS Glue now supports missing value imputation based on machine learning AWS announces data sink capability for the Glue connectors AWS Glue DataBrew announces native console integration with Amazon AppFlow to connect to data from SaaS (Software as a Service) applications and AWS services (in Preview) Redshift AQUA (Advanced Query Accelerator) – A Speed Boost for Your Amazon Redshift Queries | AWS News Blog Announcing cross-VPC support for Amazon Redshift powered by AWS PrivateLink Announcing general availability of Amazon Redshift native console integration with partners Announcing general availability of Amazon Redshift native JSON and semi-structured data support EMR Amazon EMR Release 5.33 now supports 10 new instance types Amazon EMR Studio is now generally available Athena Announcing general availability of Amazon Athena ML powered by Amazon SageMaker User Defined Functions (UDF) are now generally available for Amazon Athena RDS Amazon RDS for SQL Server now supports Extended Events Amazon RDS on VMware networking now simplified and more secure Other Amazon FSx and AWS Backup announce support for copying file system backups across AWS Regions and AWS accounts AWS Batch increases job scheduling and EC2 instance scaling performance Amazon Elasticsearch Service now supports integration with Microsoft Power BI AWS Ground Station now supports data delivery to Amazon S3 Amazon ElastiCache now supports publishing Redis logs to Amazon CloudWatch Logs and Kinesis Data Firehose AI & ML SageMaker Decrease Your Machine Learning Costs with Instance Price Reductions and Savings Plans for Amazon SageMaker | AWS News Blog New options to trigger Amazon SageMaker Pipeline executions ( EventBridge) Other Detect abnormal equipment behavior with Amazon Lookout for Equipment — now generally available Amazon Fraud Detector now supports Batch Fraud Predictions Get estimated run time for forecast creation jobs while using Amazon Forecast Amazon Kendra launches dynamic relevance tuning Other Cool Stuff WorkSpaces Amazon WorkSpaces webcam support now Generally Available Amazon WorkSpaces now supports smart cards with the WorkSpaces macOS client application IVS Amazon Interactive Video Service adds new Cloudwatch Metrics Amazon Interactive Video Service adds support for recording live streams to Amazon S3 Connect Amazon Connect launches audio device settings for the custom Contact Control Panel (CCP) Amazon Connect allows contact center managers to configure agent settings in a custom Contact Control Panel (CCP) Other AWS RoboMaker now supports the ability to configure tools for simulation jobs Amazon AppStream 2.0 adds support for fully managed image updates Amazon Managed Service for Grafana now supports Grafana Enterprise upgrade, Grafana version 7.5, Open Distro for Elasticsearch integration, and AWS Billing reports AWS Cloud9 now supports Amazon Linux 2 environments CloudWatch Metric Streams – Send AWS Metrics to Partners and to Your Apps in Real Time | AWS News Blog Announcing open source robotics projects for AWS DeepRacer Announcing Moving Graphs for CloudWatch Dashboards Amazon Nimble Studio – Build a Creative Studio in the Cloud | AWS News Blog AWS Snow Family now enables you to order, track, and manage long-term pricing Snow jobs The Nanos AWS Console Mobile Application adds support for Asia Pacific (Osaka) region (Arjen) Amazon Connect reduces telephony rates in Cyprus, Belgium, and Portugal (Guy) AWS Cloud9 now supports Amazon Linux 2 environments (Jean-Manuel) Sponsors Gold Sponsor Innablr Silver Sponsors AC3 CMD Solutions DoIT International

Technado from ITProTV (Audio)
Technado, Ep. 205: AWS Trainer Jorge Negrón-DeJesús

Technado from ITProTV (Audio)

Play Episode Listen Later May 27, 2021 49:48


AWS Trainer Jorge Negrón-DeJesús joined the Technado team to talk about AWS Academy and the importance of certifications. In ‘Science & Tech News,’ he talked about the recently released AWS Security Hub that gives you a comprehensive view of your security alerts and security posture across your AWS accounts. In the news segment, the guys discussed Microsoft killing off Internet Explorer (again), SSDs with built-in ransomware protection, malware masquerading as ransomware, the spike in cyber insurance premiums, and a macOS malware secretly taking screenshots. Finally, in ‘That Makes No Sense,’ they laughed about a Photoshop update that has Adobe users upset.

Technado from ITProTV
Technado, Ep. 205: AWS Trainer Jorge Negrón-DeJesús

Technado from ITProTV

Play Episode Listen Later May 27, 2021 49:52


AWS Trainer Jorge Negrón-DeJesús joined the Technado team to talk about AWS Academy and the importance of certifications. In ‘Science & Tech News,’ he talked about the recently released AWS Security Hub that gives you a comprehensive view of your security alerts and security posture across your AWS accounts. In the news segment, the guys discussed Microsoft killing off Internet Explorer (again), SSDs with built-in ransomware protection, malware masquerading as ransomware, the spike in cyber insurance premiums, and a macOS malware secretly taking screenshots. Finally, in ‘That Makes No Sense,’ they laughed about a Photoshop update that has Adobe users upset.

The Cloud Pod
115: The Cloud Pod gets to the root of it

The Cloud Pod

Play Episode Listen Later May 7, 2021 35:09


Justin and Jonathan kick off this week's episode of The Cloud Pod by themselves, Peter joins the party late because he's been fighting dinosaurs and Ryan is unable to attend as he can't move from under the weight of the kitten on his lap.    A big thanks to this week's sponsors: Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights Amazon will find any excuse to use GIFs just like the rest of us. Google has given Cardi B a headstart on a theme song for its new product. Azure sent the wedding invites out late but still expects you to show up. Amazon Web Services: Cheaper Than Healthcare Amazon RDS on VMWare no longer requires the use of a VPN tunnel back to AWS. Still cheaper than paying for healthcare.  Amazon Elasticsearch Service announces support for Asynchronous Search. This is really cool! Amazon EC2 now allows you to replace the root volume for a running instance. There are some great use cases for this.     Red Hat Enterprise Linux with High Availability is now available on Amazon EC2. Good to see IBM isn't throwing up barriers.  AWS is releasing the new Amazon FSx File Gateway. Hopefully this is easy to implement.   AWS announces moving graphs for CloudWatch Dashboards. Also known as GIFs for CloudWatch.  Google Cloud Platform: Closet Fans of Cardi B Google announces PHP, a general purpose programming language, is now on Cloud Functions. Visit thecloudpod.net to see a live example of PHP, also known as the WordPress platform we built our website on.   GCP is launching Web App and API Protection (WAAP), which provides comprehensive threat protection for web apps and APIs. Do not confuse this with the Cardi B song.    Google has made the Doc AI solutions generally available. If you've sent a fax lately, you know how expensive it is.    Google announces new multi-instance NVIDIA GPU on the Google Kubernetes Engine. What a massive risk for the tech industry — having one company that manufactures all the chips.    Azure: Short Notice Microsoft brings Azure supercomputing to the UK Met Office. Supercomputers and the Cloud are finally colliding.      Microsoft is joining the Redhat Summit this week to announce several new RHEL capabilities for Azure. It did a terrible job of giving us the heads up about this event. TCP Lightning Round Justin takes the win and this week's point with an easy dig at information security, leaving scores at Justin (7), Ryan (3), Jonathan (6).  Other headlines mentioned: AWS Ground Station now supports data delivery to Amazon S3 AWS Cost Categories introduces a details page  AWS Secrets Manager Delivers Provider for Kubernetes Secrets Store CSI Driver AWS Systems Manager OpsCenter and Explorer now integrate with AWS Security Hub for diagnosis and remediation of security findings AWS Nitro Enclaves now supports Windows operating system  AWS Cloud9 now supports Amazon Linux 2 environments Google Cloud Spanner launches customer-managed encryption keys and Access Approval  Things Coming Up Announcing Google Cloud 2021 Summits [frequently updated] Save the date: AWS Containers events in May AWS Regional Summits — May 10–19 AWS Summit Online Americas — May 12–13 Microsoft Build — May 19–21 (Digital) Google Financial Services Summit — May 27th  Harness Unscripted Conference — June 16–17 Google Cloud Next — Not announced yet (one site says Moscone is reserved June 28–30) Google Cloud Next 2021 — October 12–14, 2021 AWS re:Invent — November 29–December 3 — Las Vegas Oracle Open World (no details yet) 

サーバーワークスが送るAWS情報番組「さばラジ!」
【毎日AWS #170​】 AWS WAFがカスタムレスポンスをサポート 他4件 #サバワ

サーバーワークスが送るAWS情報番組「さばラジ!」

Play Episode Listen Later Mar 30, 2021 8:06


最新情報を "ながら" でキャッチアップ! ラジオ感覚放送 「毎日AWS」 おはようございます、水曜日担当パーソナリティの福島です。 今日は 3/30 に出たアップデートをピックアップしてご紹介。 感想は Twitter にて「#サバワ」をつけて投稿してください! ■ トークスクリプト https://blog.serverworks.co.jp/everyday-aws-170 ■ AWS SSO + AzureAD連携のブログ https://blog.serverworks.co.jp/aws-sso-azuread ■ UPDATE PICKUP AWS WAFがカスタムレスポンスをサポート AWS WAFがカスタムヘッダー挿入をサポート AWS Security Hubが大阪リージョンで利用可能に AWS Configは、高度なクエリのページネーションをサポート Amazon DocumentDBがイベントサブスクリプションをサポート ■ サーバーワークスSNS Twitter / Facebook ■ サーバーワークスブログ サーバーワークスエンジニアブログ

aws aws config aws waf aws security hub amazon documentdb
AWS TechChat
Episode 78 - re:Invent 2020 - Compute, Storage, Security & Network Wrap

AWS TechChat

Play Episode Listen Later Dec 21, 2020 51:08


In this episode of TechChat we start our 4 part re:Invent 2020 series with this episode covering all ‘Security’, ‘Network’, ‘Compute’ and ‘Storage’ announcements. We started reviewing security announcements * AWS Security Hub (https://aws.amazon.com/security-hub/) can now automatically receive findings from the Kube-bench (https://github.com/aquasecurity/kube-bench). * AWS Audit Manager is a new service that helps you continuously audit your AWS usage and automates evidence collection to make it easier for you to assess whether your policies, procedures, and activities are operating effectively. * CloudTrail provides more granular control of data event logging through advanced event selectors Before pivoting to Network updates * AWS Transit Gateway Inter-region Peering is Now Available in additional regions which provides you more choice in how you architect your network and software stack. * AWS Transit Gateway Connect brings SD-WAN connectivity to your VPC * AWS Global Accelerator launches custom routing allowing you to route multiple users to a specific EC2 destination in a single or multiple AWS Regions by directing them to a unique port on your accelerator * VPC Reachability Analyzer is here to simplify connectivity testing and troubleshooting, a great win for customers Compute brings a raft of new instance and instance types * EC2 Mac instances for macOS * New instance types (M5zn high frequency and 100Gbps | D3 and D3en, the next generation of dense HDD storage instances | R5b instances featuring 60 Gbps of EBS Bandwidth and 260K IOPS | G4ad instances, powered by AMD Radeon Pro V520 GPUs) * Local Zones in Boston, Houston, and Miami * AWS Managed Services supports AWS Outposts * Amazon Machine Images now support tag-on-create and tag-based access control And finally to round out the show we discussed storage * New EBS general purpose volumes, gp3 * EBS io2 volumes now support SAP workloads * Tiered pricing for input/output operations per second (IOPS) charges for Amazon Elastic Block Store (EBS) io2 volume, reducing the cost of provisioning peak IOPS by 15% * quadruples per-volume maximum capacity and performance on io2 volume * S3 Replication adds support for two-way replication * S3 Bucket Keys reduce the costs of Server-Side Encryption with AWS Key Management Service * S3 now delivers strong read-after-write consistency automatically for all applications * S3 Replication adds support for multiple destinations in the same, or different AWS Regions Stay tuned as we cover all aspects of re:invent 2020 in our coming multi-part re:Invent update Speakers: Shane Baldacchino - Edge Specialist Solutions Architect, ANZ, AWS Shai Perednik - Solutions Architect, AWS

AWS Podcast
#408: AWS Foundational Security Best Practices using AWS Security Hub

AWS Podcast

Play Episode Listen Later Nov 15, 2020 27:29


Today Simon is joined by Ely Kahn, Principal Product Manager of AWS Security Hub to talk AWS Foundational Security Best Practices! This standard implements security controls to detect when your AWS accounts and deployed resources do not align with the security best practices defined by AWS security experts. Let's learn all about this security standard and how you can strengthen your security controls. Security Hub – https://aws.amazon.com/security-hub/ AWS Foundational Security Best Practices standard now available in Security Hub https://aws.amazon.com/blogs/security/aws-foundational-security-best-practices-standard-now-available-security-hub/ Working With Security Standards and Controls to Improve Your Security Posture https://www.youtube.com/watch?v=tyPPfS1lwFg

CloudSkills.fm
095: AWS Security in Practice

CloudSkills.fm

Play Episode Listen Later Oct 16, 2020 20:47


In this episode I chat with Dylan Shields about his new book AWS Security. Dylan is a software engineer working on Quantum Computing at AWS. Previously, Dylan was the first engineer on the AWS Security Hub team. He has also worked at Google Cloud, focusing on the security and reliability of their serverless data warehouse, BigQuery.

サーバーワークスが送るAWS情報番組「さばラジ!」
【毎日AWS #067】NoCode で ETL ジョブを作成、AWS Glue Studio が登場! 他4件 #サバワ

サーバーワークスが送るAWS情報番組「さばラジ!」

Play Episode Listen Later Sep 24, 2020 5:51


最新情報を "ながら" でキャッチアップ! ラジオ感覚放送 「毎日AWS!」 おはようございます、サーバーワークスの加藤です。 今日は 9/23 に出たアップデート5件をご紹介。 感想は Twitter にて「#サバワ」をつけて投稿してください! ■ UPDATE ラインナップ AWS Glue Studio が登場 - ビジュアルインターフェースによるジョブ開発と高度なモニタリング AWS Backup が EC2 上の Microsoft アプリケーションのバックアップに対応 プレビュー中のAmazon RDS M6g / R6gがより多くのデータベースバージョンをサポート AWS Security Hub が 14 の新しい自動セキュリティコントロールをリリース Coursera と edX に新しいコース - AWSを用いたモダンアプリケーションの構築 ■ サーバーワークスSNS Twitter / Facebook ■ サーバーワークスブログ サーバーワークスエンジニアブログ

aws aws glue aws security hub
サーバーワークスが送るAWS情報番組「さばラジ!」
【毎日AWS #030】DatadogやNew Relic に対応! Amazon Kinesis Data Firehose が複数の新しいデータ配信先をサポート 他9件

サーバーワークスが送るAWS情報番組「さばラジ!」

Play Episode Listen Later Jul 30, 2020 12:04


最新情報を "ながら" でキャッチアップ! ラジオ感覚放送 「毎日AWS!」 おはようございます、サーバーワークスの加藤です。 今日は 7/29 に出たアップデートから10件をご紹介。 感想は Twitter にて「#サバワ」をつけて投稿してください! ■ UPDATE ラインナップ Amazon Kinesis Data Firehose が複数の新しいデータ配信先をサポート Amazon Translate がOfficeファイルの翻訳をサポート AWS Security Hub が新しい自動セキュリティコントロールを追加 Amazon ECR がAWS KMSを用いたイメージの暗号化をサポート AWS Database Migration Service が拡張されたタスク評価をサポート Amazon Elasticseach Service が類似検索を強化 - コサイン類似度をサポート Amazon Lightsail が cPanel WHM のプリインストールをサポート AWS Cloud Map への Amazon EC2 インスタンスの登録が簡素化 Amazon RDS for Oracle が Oracle Application Express Version 20.1 をサポート AWS Site-to-Site VPN が作成時のタグ付けとリソースレベルのアクセス制御に対応 ■ サーバーワークスSNS Twitter / Facebook ■ サーバーワークスブログ サーバーワークスエンジニアブログ

aws datadog new relic firehose amazon rds amazon kinesis aws security hub
Cloud Crunch
EP03: Re:Invent follow-up a month or so after

Cloud Crunch

Play Episode Listen Later Apr 1, 2020 18:15 Transcription Available


We recap AWS re:Invent 2019, giving you our top 5 takeaways, including AWS Compute Optimizer, Amazon EC2's support for Active Directory Authentication using Windows Accounts gMSA, how AWS Security Hub got smarter, EC2 Image Builder, and Amazon Outposts.

AWS re:Invent 2019
DEM157: Monitor security & automate compliance checks with AWS Security Hub

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 22:23


AWS Security Hub provides a comprehensive view of high-priority security alerts and compliance status across AWS accounts. Security Hub provides a single location to aggregate, organize, and prioritize your security alerts or findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions. You can also continuously monitor your environment using automated compliance checks based on the AWS best practices and open standards that your organization follows. In this demo, we provide a walkthrough of how Security Hub aggregates findings, conducts compliance checks, and helps you respond and remediate findings.

compliance checks monitor aws automate aws partner aws security hub amazon inspector amazon guardduty
AWS re:Invent 2019
SEC356: Prepare for & respond to security incidents in your AWS environment

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 52:45


In this session, we walk through what you need to do to be prepared to respond to security incidents in your AWS environments. We start off with planning best practices, move through the configurations that will help deliver protective and detective controls, then finally show you how you can improve your response capability. Learn how AWS Organizations, AWS Identity and Access Management (IAM), Amazon GuardDuty, AWS Security Hub, AWS Lambda, AWS WAF, AWS Systems Manager, and AWS Key Management Service (AWS KMS) can help take you from protect and detect to respond and recover.

AWS re:Invent 2019
SEC312: [NEW LAUNCH!] Introducing Amazon Detective

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 49:29


Amazon Detective makes it easy to investigate, analyze, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to help you visualize and conduct faster and more efficient security investigations. Amazon Detective is integrated with AWS security services such as Amazon GuardDuty and AWS Security Hub as well as AWS partner security products. In this session, we also demonstrate Amazon Detective and provide a walkthrough of how to investigate a security finding.

amazon launch detectives aws aws security hub amazon guardduty
AWS re:Invent 2019
SEC206-R1: Threat management in the cloud: Amazon GuardDuty & AWS Security Hub

AWS re:Invent 2019

Play Episode Listen Later Dec 7, 2019 47:40


Amazon GuardDuty and AWS Security Hub in tandem provide continuous visibility, compliance, and detection of threats for AWS accounts and workloads. Amazon GuardDuty enables customers to achieve continuous security monitoring to detect threats in the cloud. AWS Security Hub enables customers to continuously monitor their environment using automated compliance checks based on AWS best practices and industry standards. In this session, we introduce you to Amazon GuardDuty and AWS Security Hub and walk you through the detection of an event; aggregation; prioritization of security findings; and the identification of possible remediation actions and other responses.

cloud aws threat management aws security hub amazon guardduty
AWS Podcast
#323: July 2019 Update

AWS Podcast

Play Episode Listen Later Jul 21, 2019 51:42


Simon and Nicki share a bumper-crop of interesting, useful and cool new services and features for AWS customers! Chapter Timings 00:01:17 Storage 00:03:15 Compute 00:07:13 Network 00:10:27 Databases 00:16:04 Migration 00:17:43 Developer Tools 00:22:47 Analytics 00:27:07 IoT 00:28:14 End User Computing 00:29:25 Machine Learning 00:30:49 Application Integration 00:34:18 Management and Governance 00:41:42 Customer Engagement 00:42:47 Media 00:44:03 Security 00:46:26 Gaming 00:47:54 AWS Marketplace 00:49:07 Robotics Shownotes Topic || Storage Optimize Cost with Amazon EFS Infrequent Access Lifecycle Management | https://aws.amazon.com/about-aws/whats-new/2019/07/optimize-cost-amazon-efs-infrequent-access-lifecycle-management/ Amazon FSx for Windows File Server Now Enables You to Use File Systems Directly With Your Organization’s Self-Managed Active Directory | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-fsx-for-windows-file-server-now-enables-you-to-use-file-systems-directly-with-your-organizations-self-managed-active-directory/ Amazon FSx for Windows File Server now enables you to use a single AWS Managed AD with file systems across VPCs or accounts | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-fsx-for-windows-file-server-now-enables-you-to-use-a-single-aws-managed-ad-with-file-systems-across-vpcs-or-accounts/ AWS Storage Gateway now supports Amazon VPC endpoints with AWS PrivateLink | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-storage-gateway-now-supports-amazon-vpc-endpoints-aws-privatelink/ File Gateway adds encryption & signing options for SMB clients – Amazon Web Services | https://aws.amazon.com/about-aws/whats-new/2019/06/file-gateway-adds-options-to-enforce-encryption-and-signing-for-smb-shares/ New AWS Public Datasets Available from Facebook, Yale, Allen Institute for Brain Science, NOAA, and others | https://aws.amazon.com/about-aws/whats-new/2019/07/new-aws-public-datasets-available-from-facebook-yale-allen/ Topic || Compute Introducing Amazon EC2 Instance Connect | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-amazon-ec2-instance-connect/ Introducing New Instances Sizes for Amazon EC2 M5 and R5 Instances | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-new-instances-sizes-for-amazon-ec2-m5-and-r5-instances/ Introducing New Instance Sizes for Amazon EC2 C5 Instances | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-new-instance-sizes-for-amazon-ec2-c5-instances/ Amazon ECS now supports additional resource-level permissions and tag-based access controls | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-ecs-now-supports-resource-level-permissions-and-tag-based-access-controls/ Amazon ECS now offers improved capabilities for local testing | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-ecs-now-offers-improved-capabilities-for-local-testing/ AWS Container Services launches AWS For Fluent Bit | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-container-services-launches-aws-for-fluent-bit/ Amazon EKS now supports Kubernetes version 1.13, ECR PrivateLink, and Kubernetes Pod Security Policies | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-eks-now-supports-kubernetes113-ecr-privatelink-kubernetes-pod-security/ AWS VPC CNI Version 1.5.0 Now Default for Amazon EKS Clusters | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-vpc-cni-version-150-now-default-for-amazon-eks-clusters/ Announcing Enhanced Lambda@Edge Monitoring within the Amazon CloudFront Console | https://aws.amazon.com/about-aws/whats-new/2019/06/announcing-enhanced-lambda-edge-monitoring-amazon-cloudfront-console/ AWS Lambda Console shows recent invocations using CloudWatch Logs Insights | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-lambda-console-recent-invocations-using-cloudwatch-logs-insights/ AWS Thinkbox Deadline with Resource Tracker | https://aws.amazon.com/about-aws/whats-new/2019/06/thinkbox-deadline-resource-tracker/ Topic || Network Network Load Balancer Now Supports UDP Protocol | https://aws.amazon.com/about-aws/whats-new/2019/06/network-load-balancer-now-supports-udp-protocol/ Announcing Amazon VPC Traffic Mirroring for Amazon EC2 Instances | https://aws.amazon.com/about-aws/whats-new/2019/06/announcing-amazon-vpc-traffic-mirroring-for-amazon-ec2-instances/ AWS ParallelCluster now supports Elastic Fabric Adapter (EFA) | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-parallelcluster-supports-elastic-fabric-adapter/ AWS Direct Connect launches first location in Italy | https://aws.amazon.com/about-aws/whats-new/2019/06/aws_direct_connect_locations_in_italy/ Amazon CloudFront announces seven new Edge locations in North America, Europe, and Australia | https://aws.amazon.com/about-aws/whats-new/2019/06/cloudfront-seven-edge-locations-june2019/ Now Add Endpoint Policies to Interface Endpoints for AWS Services | https://aws.amazon.com/about-aws/whats-new/2019/06/now-add-endpoint-policies-to-interface-endpoints-for-aws-services/ Topic || Databases Amazon Aurora with PostgreSQL Compatibility Supports Serverless | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-aurora-with-postgresql-compatibility-supports-serverless/ Amazon RDS now supports Storage Auto Scaling | https://aws.amazon.com/about-aws/whats-new/2019/06/rds-storage-auto-scaling/ Amazon RDS Introduces Compatibility Checks for Upgrades from MySQL 5.7 to MySQL 8.0 | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon_rds_introduces_compatibility_checks/ Amazon RDS for PostgreSQL Supports New Minor Versions 11.4, 10.9, 9.6.14, 9.5.18, and 9.4.23 | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-rds-postgresql-supports-minor-version-114/ Amazon Aurora with PostgreSQL Compatibility Supports Cluster Cache Management | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-aurora-with-postgresql-compatibility-supports-cluster-cache-management/ Amazon Aurora with PostgreSQL Compatibility Supports Data Import from Amazon S3 | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-aurora-with-postgresql-compatibility-supports-data-import-from-amazon-s3/ Amazon Aurora Supports Cloning Across AWS Accounts | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon_aurora_supportscloningacrossawsaccounts-/ Amazon RDS for Oracle now supports z1d instance types | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-rds-for-oracle-now-supports-z1d-instance-types/ Amazon RDS for Oracle Supports Oracle Application Express (APEX) Version 19.1 | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-rds-oracle-supports-oracle-application-express-version-191/ Amazon ElastiCache launches reader endpoints for Redis | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-elasticache-launches-reader-endpoint-for-redis/ Amazon DocumentDB (with MongoDB compatibility) Now Supports Stopping and Starting Clusters | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-documentdb-supports-stopping-starting-cluters/ Amazon DocumentDB (with MongoDB compatibility) Now Provides Cluster Deletion Protection | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-documentdb-provides-cluster-deletion-protection/ You can now publish Amazon Neptune Audit Logs to Cloudwatch | https://aws.amazon.com/about-aws/whats-new/2019/06/you-can-now-publish-amazon-neptune-audit-logs-to-cloudwatch/ Amazon DynamoDB now supports deleting a global secondary index before it finishes building | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-dynamodb-now-supports-deleting-a-global-secondary-index-before-it-finishes-building/ Amazon DynamoDB now supports up to 25 unique items and 4 MB of data per transactional request | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-dynamodb-now-supports-up-to-25-unique-items-and-4-mb-of-data-per-transactional-request/ Topic || Migration CloudEndure Migration is now available at no charge | https://aws.amazon.com/about-aws/whats-new/2019/06/cloudendure-migration-available-at-no-charge/ New AWS ISV Workload Migration Program | https://aws.amazon.com/about-aws/whats-new/2019/06/isv-workload-migration/ AWS Migration Hub Adds Support for Service-Linked Roles | https://aws.amazon.com/about-aws/whats-new/2019/06/aws_migration_hub_adds_support_for_service_linked_roles/ Topic || Developer Tools The AWS Toolkit for Visual Studio Code is Now Generally Available | https://aws.amazon.com/about-aws/whats-new/2019/07/announcing-aws-toolkit-for-visual-studio-code/ The AWS Cloud Development Kit (AWS CDK) is Now Generally Available | https://aws.amazon.com/about-aws/whats-new/2019/07/the-aws-cloud-development-kit-aws-cdk-is-now-generally-available1/ AWS CodeCommit Supports Two Additional Merge Strategies and Merge Conflict Resolution | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-codecommit-supports-2-additional-merge-strategies-and-merge-conflict-resolution/ AWS CodeCommit Now Supports Resource Tagging | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-codecommit-now-supports-resource-tagging/ AWS CodeBuild adds Support for Polyglot Builds | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-codebuild-adds-support-for-polyglot-builds/ AWS Amplify Console Updates Build image with SAM CLI and Custom Container Support | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-amplify-console-updates-build-image-sam-cli-and-custom-container-support/ AWS Amplify Console announces Manual Deploys for Static Web Hosting | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-amplify-console-announces-manual-deploys-for-static-web-hosting/ Amplify Framework now Supports Adding AWS Lambda Triggers for events in Auth and Storage categories | https://aws.amazon.com/about-aws/whats-new/2019/07/amplify-framework-now-supports-adding-aws-lambda-triggers-for-events-auth-storage-categories/ AWS Amplify Console now supports AWS CloudFormation | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-amplify-console-supports-aws-cloudformation/ AWS CloudFormation updates for Amazon EC2, Amazon ECS, Amazon EFS, Amazon S3 and more | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-cloudformation-updates-amazon-ec2-ecs-efs-s3-and-more/ Topic || Analytics Amazon QuickSight launches multi-sheet dashboards, new visual types and more | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-quickSight-launches-multi-sheet-dashboards-new-visual-types-and-more/ Amazon QuickSight now supports fine-grained access control over Amazon S3 and Amazon Athena! | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-quickSight-now-supports-fine-grained-access-control-over-amazon-S3-and-amazon-athena/ Announcing EMR Release 5.24.0: With performance improvements in Spark, new versions of Flink, Presto, and Hue, and enhanced CloudFormation support for EMR Instance Fleets | https://aws.amazon.com/about-aws/whats-new/2019/06/announcing-emr-release-5240-with-performance-improvements-in-spark-new-versions-of-flink-presto-Hue-and-cloudformation-support-for-launching-clusters-in-multiple-subnets-through-emr-instance-fleets/ AWS Glue now provides workflows to orchestrate your ETL workloads | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-glue-now-provides-workflows-to-orchestrate-etl-workloads/ Amazon Elasticsearch Service increases data protection with automated hourly snapshots at no extra charge | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-elasticsearch-service-increases-data-protection-with-automated-hourly-snapshots-at-no-extra-charge/ Amazon MSK is Now Integrated with AWS CloudFormation and Terraform | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon_msk_is_now_integrated_with_aws_cloudformation_and_terraform/ Kinesis Video Streams adds support for Dynamic Adaptive Streaming over HTTP (DASH) and H.265 video | https://aws.amazon.com/about-aws/whats-new/2019/07/kinesis-video-streams-adds-support-for-dynamic-adaptive-streaming-over-http-dash-and-h-2-6-5-video/ Announcing the availability of Amazon Kinesis Video Producer SDK in C | https://aws.amazon.com/about-aws/whats-new/2019/07/announcing-availability-of-amazon-kinesis-video-producer-sdk-in-c/ Topic || IoT AWS IoT Expands Globally | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-iot-expands-globally/ Bluetooth Low Energy Support and New MQTT Library Now Generally Available in Amazon FreeRTOS 201906.00 Major | https://aws.amazon.com/about-aws/whats-new/2019/06/bluetooth-low-energy-support-amazon-freertos-now-available/ AWS IoT Greengrass 1.9.2 With Support for OpenWrt and AWS IoT Device Tester is Now Available | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-iot-greengrass-support-openwrt-aws-iot-device-tester-available/ Topic || End User Computing Amazon Chime Achieves HIPAA Eligibility | https://aws.amazon.com/about-aws/whats-new/2019/06/chime_hipaa_eligibility/ Amazon WorkSpaces now supports copying Images across AWS Regions | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon_workspaces_now_supports_copying_images_across_aws_regions/ Amazon AppStream 2.0 adds support for Windows Server 2016 and Windows Server 2019 | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-appstream-20-adds-support-for-windows-server-2016-and-windows-server-2019/ AWS Client VPN now includes support for AWS CloudFormation | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-client-vpn-includes-support-for-aws-cloudformation/ Topic || Machine Learning Amazon Comprehend Medical is now Available in Sydney, London, and Canada | https://aws.amazon.com/about-aws/whats-new/2019/06/comprehend-medical-available-in-asia-pacific-eu-canada/ Amazon Personalize Now Generally Available | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-personalize-now-generally-available/ New in AWS Deep Learning Containers: Support for Amazon SageMaker and MXNet 1.4.1 with CUDA 10.0 | https://aws.amazon.com/about-aws/whats-new/2019/06/new-in-aws-deep-learning-containers-support-for-amazon-sagemaker-libraries-and-mxnet-1-4-1-with-cuda-10-0/ Topic || Application Integration Introducing Amazon EventBridge | https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-amazon-eventbridge/ AWS App Mesh Service Discovery with AWS Cloud Map generally available. | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-app-mesh-service-discovery-with-aws-cloud-map-generally-available/ Amazon API Gateway Now Supports Tag-Based Access Control and Tags on WebSocket APIs | https://aws.amazon.com/about-aws/whats-new/2019/07/amazon-api-gateway-supports-tag-based-access-control-tags-on-websocket/ Amazon API Gateway Adds Configurable Transport Layer Security Version for Custom Domains | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-api-gateway-adds-configurable-transport-layer-security-version-custom-domains/ Topic || Management and Governance Introducing AWS Systems Manager OpsCenter to enable faster issue resolution | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-aws-systems-manager-opscenter-to-enable-faster-issue-resolution/ Introducing Service Quotas: View and manage your quotas for AWS services from one central location | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-service-quotas-view-and-manage-quotas-for-aws-services-from-one-location/ Introducing AWS Budgets Reports | https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-aws-budgets-reports/ Introducing Amazon CloudWatch Anomaly Detection – Now in Preview | https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-amazon-cloudwatch-anomaly-detection-now-in-preview/ Amazon CloudWatch Launches Dynamic Labels on Dashboards | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-cloudwatch-launches-dynamic-labels-on-dashboards/ Amazon CloudWatch Adds Visibility for your .NET and SQL Server Application Health | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-cloudwatch-adds-visibility-for-your-net-sql-server-application-health/ Amazon CloudWatch Events Now Supports Amazon CloudWatch Logs as a Target and Tagging of CloudWatch Events Rules | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-cloudwatch-events-now-supports-amazon-cloudwatch-logs-target-tagging-cloudwatch-events-rules/ Introducing Amazon CloudWatch Container Insights for Amazon ECS and AWS Fargate - Now in Preview | https://aws.amazon.com/about-aws/whats-new/2019/07/introducing-container-insights-for-ecs-and-aws-fargate-in-preview/ AWS Config now enables you to provision AWS Config rules across all AWS accounts in your organization | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-config-now-enables-you-to-provision-config-rules-across-all-aws-accounts-in-your-organization/ Session Manager launches Run As to start interactive sessions with your own operating system user account | https://aws.amazon.com/about-aws/whats-new/2019/07/session-manager-launches-run-as-to-start-interactive-sessions-with-your-own-operating-system-user-account/ Session Manager launches tunneling support for SSH and SCP | https://aws.amazon.com/about-aws/whats-new/2019/07/session-manager-launches-tunneling-support-for-ssh-and-scp/ Use IAM access advisor with AWS Organizations to set permission guardrails confidently | https://aws.amazon.com/about-aws/whats-new/2019/06/now-use-iam-access-advisor-with-aws-organizations-to-set-permission-guardrails-confidently/ AWS Resource Groups is Now SOC Compliant | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-resource-groups-is-now-soc-compliant/ Topic || Customer Engagement Introducing AI Powered Speech Analytics for Amazon Connect | https://aws.amazon.com/about-aws/whats-new/2019/06/introducing-ai-powered-speech-analytics-for-amazon-connect/ Amazon Connect Launches Contact Flow Versioning | https://aws.amazon.com/about-aws/whats-new/2019/06/amazon-connect-launches-contact-flow-versioning/ Topic || Media AWS Elemental MediaConnect Now Supports SPEKE for Conditional Access | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-elemental-mediaconnect-now-supports-speke-for-conditional-access/ AWS Elemental MediaLive Now Supports AWS CloudFormation | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-elemental-medialive-now-supports-aws-cloudformation/ AWS Elemental MediaConvert Now Ingests Files from HTTPS Sources | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-elemental-mediaconvert-now-ingests-files-from-https-sources/ Topic || Security AWS Certificate Manager Private Certificate Authority now supports root CA hierarchies | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-certificate-manager-private-certificate-authority-now-supports-root-CA-heirarchies/ AWS Control Tower is now generally available | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-control-tower-is-now-generally-available/ AWS Security Hub is now generally available | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-security-hub-now-generally-available/ AWS Single Sign-On now makes it easy to access more business applications including Asana and Jamf | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-single-sign-on-access-business-applications-including-asana-and-jamf/ Topic || Gaming Large Match Support for Amazon GameLift Now Available | https://aws.amazon.com/about-aws/whats-new/2019/07/large-match-support-for-amazon-gameLift-now-available/ New Dynamic Vegetation System in Lumberyard Beta 1.19 – Available Now | https://aws.amazon.com/about-aws/whats-new/2019/06/lumberyard-beta-119-available-now/ Topic || AWS Marketplace AWS Marketplace now integrates with your procurement systems | https://aws.amazon.com/about-aws/whats-new/2019/06/aws-marketplace-now-integrates-with-your-procurement-systems/ Topic || Robotics AWS RoboMaker announces support for Robot Operating System (ROS) Melodic | https://aws.amazon.com/about-aws/whats-new/2019/07/aws-robomaker-support-robot-operating-system-melodic/

canada australia europe italy management north america target preview spark yale oracle images storage aws upgrades mb asana amazon web services smb s3 noaa brain science kubernetes presto tagging scp hue mongodb dashboards mysql auth terraform flink ssh cuda etl redis visual studio code windows server amazon s3 amazon connect allen institute jamf amazon ec2 cloudformation openwrt amazon sagemaker amazon rds cloudwatch amazon eks aws cloudformation vpcs amazon workspaces amazon aurora aws glue amazon dynamodb amazon ecs amazon athena amazon cloudfront aws organizations mxnet aws config aws control tower quicksight aws security hub amazon quicksight aws codebuild aws regions amazon elasticache amazon documentdb amazon appstream aws privatelink amazon elasticsearch service amazon efs amazon fsx amazon vpc amazon msk aws direct connect windows file server aws iot greengrass amazon freertos aws single sign on aws storage gateway amazon ec2 instances file gateway kinesis video streams aws amplify console
AWS re:Invent 2018
SEC397: NEW LAUNCH! Introduction to AWS Security Hub

AWS re:Invent 2018

Play Episode Listen Later Nov 30, 2018 52:28


Learn about AWS Security Hub, and how it gives you a comprehensive view of your high-priority security alerts and your compliance status across AWS accounts. See how Security Hub aggregates, organizes, and prioritizes your alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions. We will demonstrate how you can continuously monitor your environment using compliance checks based on the AWS best practices and industry standards your organization follows.

launch aws aws partner aws security hub amazon inspector amazon guardduty
AWS re:Invent 2018
Keynote with Andy Jassy

AWS re:Invent 2018

Play Episode Listen Later Nov 30, 2018 164:36


Andy Jassy, CEO of Amazon Web Services, delivers his AWS re:Invent 2018 keynote, featuring the latest AWS news and announcements. Learn more about AWS at - https://amzn.to/2RiLQte. Topics: 00:01:10 AWS business update 00:05:00 Cloud market share 00:22:00 Glacier Deep Archive 00:25:45 Amazon FSx 00:32:30 Dean Del Vecchio, Guardian - CIO 00:43:45 AWS Control Tower 00:47:00 AWS Security Hub 00:49:20 AWS Lake Formation 01:05:00 DynamoDB Read/Write Capacity On Demand 01:09:00 Amazon Timestream 01:16:20 Amazon Quantum Ledger Database 01:17:40 Amazon Managed Blockchain 01:30:00 Amazon Elastic Inference 01:34:00 AWS Inferentia 01:39:00 Ross Brawn Obe, Formula 1 - Managing Director 01:51:30 Amazon SageMaker Ground Truth 02:00:10 Amazon SageMaker RL 02:02:10 AWS DeepRacer 02:08:00 Dr Matt Wood, AWS - GM Deep Learning and AI 02:14:55 Amazon Textrack 02:18:30 Amazon Personalize 02:22:55 Amazon Forecast 02:28:30 Pat Gelsinger, VMware - CEO 02:33:50 AWS Outposts

ceo ai managing directors cloud formula keynote aws invent amazon web services andy jassy pat gelsinger matt wood aws outposts aws control tower aws security hub amazon managed blockchain amazon fsx amazon sagemaker ground truth amazon elastic inference