AWS Security Week will cover the security topics that you need to successfully launch secure applications on AWS. The week is structured to begin with a high-level overview and progress to more advanced sessions as the week progresses. Attendees are invited to attend only specific days of interest or commit to the entire week.

Monday will kick off with an overview of AWS security fundamentals; on Tuesday we will move into a more detailed walkthrough of AWS security from the ground up; on Wednesday we cover security at scale with a hands-on lab; and on Thursday we finish with in-depth security topics. You will learn security-based practices on such diverse topics as Identity and Access Management, Encryption, Network Layer Security, Security Automation at Scale, Logging and Monitoring, Resiliency and DDoS protection.

Sessions, demos, and labs will be led by seasoned security professionals from AWS, who will help you get to grips with not just the basics, but also the nuances of building applications in the cloud in a robust and secure manner. Our pros will be available for “Ask the Experts” sessions during breaks to give you one-on-one time with our AWS security professionals.

By the end of the week you’ll have a solid understanding of the security aspects that you need to deploy applications and services into the cloud securely.





Pre-requisites

Participation in this event requires:

A valid, usable AWS account with admin privileges

Some familiarity with the AWS console, AWS CLI and AWS SDK. Reviewing these resources will help:

AWS CLI

AWS Console

AWS SDK

Boto 3 Documentation

Installation of the AWS Python SDK and CLI ahead of time

A laptop/Mac which will allow you to access AWS SDKs, console and the AWS CLI

Optional: A domain you have pre-registered, or the ability to register a domain name on Day 1, which you will be able to use (and modify) during the event.





Agenda





AWS Security Kickoff and Fundamentals | Monday, November 6 | 10:00AM-4:00PM

9:30AM-10:00AM | Check-in

10:00AM-10:15AM | Welcome & Introduction

10:15AM-11:00AM | Keynote: John Snow: Security is Coming: While winter is indeed coming, we are not going to talk about the King of the North. John Snow, English Physician, is considered one of the fathers of modern epidemiology, in part because of his work in tracing the source of a cholera outbreak in Soho, London, in 1854. We will take a look at how much of what he discovered about disease and its spread and containment can apply to modern cloud computing and security hygiene. We will review the best practices that AWS recommends for customers, beginning with a foundation of Shared Responsibility and extending to the application of frameworks which enable good cloud health. Attendees will gain insight into ways to “remove the pump handles” on their cloud deployments. Level: 100

11:00AM-12:00PM | AWS Security Fundamentals: This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more. Level: 100

12:00PM-1:00PM | Lunch Break & Ask an Expert (will be provided)

1:00PM-2:00PM | Maturing your organization from DevOps to DevSecOps: Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock. Level: 100

2:00PM-3:00PM | Preparing for AWS Certification/ Advanced Security Training: An overview of more in-depth AWS Certification and Training available to help you further your career, with expert Q&A. Level: 100

3:00PM-3:15PM | Break

3:15PM-4:15PM | Hands-on Setup and Prep for the Labs: Our experts will guide you in setting up and understanding these Security Week pre-requisites:

AWS Management Console: facilitates cloud management for all aspects of your AWS account, including monitoring your monthly spending by service, managing security credentials, or even setting up new IAM Users.

AWS Command Line Interface (CLI): an open source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services. With minimal configuration, you can start using all of the functionality provided by the AWS Management Console from your favorite terminal program.

Boto3: the AWS SDK for Python. Boto3 makes it easy to integrate your Python application, library, or script with AWS services including Amazon S3, Amazon EC2, Amazon DynamoDB, and more.

Optional: register a domain name to use and modify during the event.

Level: 100









AWS Security from the Ground Up | Tuesday, November 7 | 10:00AM-4:15PM

9:30AM-10:00AM | Check-in

10:00AM-10:15AM | Welcome & Introductions

10:15AM-11:00AM | Introduction to the Security Perspective of the Cloud Adoption Framework (CAF): The Security Perspective of the AWS Cloud Adoption Framework provides a framework for maturation via a structured program that incorporates best practices and processes to define, build and optimize how you operate security controls on the AWS platform. The Security Perspective of the CAF provides a set of 5 core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident Response. During this session, we address how to put the Security Perspective of the CAF into practice and follow with an afternoon agenda that will dive deep into each of the individual core topics. Level: 100

11:00AM-12:00PM | Identity and Access Management: The First Step in AWS Security: IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale. Level: 200

12:00PM-1:00PM | Lunch Break & Ask an Expert (will be provided)

1:00PM-1:45PM | Detective Controls: Gain Visibility and Record Change: After IAM you want to have Detective Controls in place to have visibility into your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale by leveraging AWS services that turn logging data into security insight. Level: 200

1:45PM-2:30PM | Infrastructure Security: Your Minimum Security Baseline: After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence. Level: 200

2:30PM-2:45PM | Break

2:45PM-3:30PM | Data Protection in Transit and at Rest: With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements. Level: 200

3:30PM-4:15PM | Incident Response: Preparing and Simulating Threat Response: Once you have built and deployed security infrastructure and automated key aspects of security operations, you should validate your work through an Incident Response simulation. In this session we discuss the best way to protect your logs; how and why to develop automated IR capabilities via AWS tooling (e.g. Lambda); the importance of testing existing forensics tools to ensure efficacy in a cloud environment; and ways to test your plan early and often. Level: 200









AWS Security at Scale | Wednesday, November 8 | 10:00AM-6:00PM

9:30AM-10:00AM | Check-in

10:00AM-10:15AM | Welcome & Introductions

10:15AM-11:15AM | Voice of the Customer: Zocdoc and Elevating Security While Moving to AWS: This presentation will focus on security architecture, visibility, detection, and response capabilities within AWS. Highlighting the applicable security and compliance requirements, Zocdoc will cover how they implement security while minimizing the impact on innovation in today's cloud-first world. Zocdoc will explain why selecting solutions to maintain visibility and control of sensitive assets is crucial to a successful migration to AWS. Speakers: Brian Lozada, Zocdoc CISO, and Zhen Wang, Zocdoc Director of Engineering. Level: 100

11:15AM-12:00PM | Using AWS CloudTrail and AWS Config to Enhance Governance and Compliance of Amazon S3: As organizations move their workloads to the cloud, companies must take steps to protect and audit their private and confidential information. This session will focus on Amazon S3 best practices and using AWS Config rules and AWS CloudTrail Data Events to help better protect data residing within S3. The session will include a demonstration to show how Config and CloudTrail, in combination with other AWS Services, can help with S3 governance and compliance requirements. Level: 100

12:15PM-1:00PM | Lunch Break & Ask an Expert (will be provided)

1:00PM-3:00PM | Become a Cloud Security Ninja: In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture-the-flag challenges to get hands-on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them. More specifically, learn how to:

Establish security guardrails in the DevOps process

Detect and remediate risky configurations

Identify vulnerable hosts

Detect and respond to malicious activities

Rapidly investigate incidents

We provide the infrastructure necessary for the lab - simply show up with your laptop. Get ready to have some fun and win some exciting prizes! Level: 200

3:00PM-3:15PM | Break

3:15PM-4:00PM | Secure Management of Fleet at Scale: Amazon EC2 Systems Manager is a management service that helps you securely and safely manage instances at scale, automatically collect software inventory, apply OS patches, create system images, and configure Windows and Linux operating systems. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance of your EC2 and on-premises configurations. By providing a management approach that is designed for the scale and agility of the cloud but extends into your on-premises data center, EC2 Systems Manager makes it easier for you to seamlessly bridge your existing infrastructure with AWS. Level: 200

4:00PM-6:00PM | Brewing an Effective Cloud Security Strategy: In today’s world of craft beer, there has never been more complexity in the number of ingredients, recipes, and processes to create quality beers. Crafting an effective cloud security strategy involves similar complexities involving cloud-native tools and processes. Join RedLock and Deloitte as we share our perspectives on cloud security over craft beer and pretzels.









AWS Security Deep Dive | Thursday, November 9 | 10:00AM-4:00PM

9:30AM-10:00AM | Check-in

10:00AM-10:15AM | Welcome & Introductions

10:15AM-11:00AM | Amazon Macie Demo: In this session, we will review Amazon Macie, a new visibility security service that helps classify and secure your sensitive and business-critical content. Amazon Macie uses machine learning to automatically discover, classify, and protect sensitive data in AWS, and it recognizes sensitive data such as personally identifiable information (PII) or intellectual property. We will also cover all available types of alerts (basic and predictive) and demonstrate how you can leverage CloudWatch Events, Lambda, and SNS topics to automate remediation actions in response to unauthorized access and inadvertent data leaks. Level: 200

11:00AM-11:30AM | Achieving Compliance and Selling to Regulated Markets on AWS: Security is the top priority at AWS, and whether you are a startup or an enterprise our compliance programs can help you demonstrate the effectiveness of this security to your customers. In this session, you will learn how to build your own compliance programs on AWS, and how to show your customers evidence of this compliance. Bring both your business and technical hat as we will dive into a cross-functional strategy that will accelerate your path to compliance on AWS and your business growth in regulated markets. Level: 100

11:30AM-12:00PM | Deloitte Session: Abstract coming soon!

12:00PM-1:00PM | Lunch Break & Ask an Expert (will be provided)

1:00PM-2:30PM | Lab: Automating Amazon Inspector Assessments and Findings Remediation: DevSecOps helps customers create an environment where "everyone is responsible for security." Adopting DevSecOps can be challenging using traditional security tools that are designed for on-premises infrastructure. Amazon Inspector is an automated security assessment service that helps you adopt DevSecOps by integrating security assessments directly into the development process of applications running on Amazon Elastic Compute Cloud (Amazon EC2). In this session, we will deep dive into Amazon Inspector and show how you can automate host security assessments to make them a seamless part of your DevSecOps lifecycle. We will run through a demo of installing the AWS agent, setting up assessment targets and templates, scheduling and running assessments. We will then explore the findings generated by assessments and discuss how you can automate the management and remediation of findings. Level: 200

2:30PM-3:15PM | Perimeter Protection You Can Configure in Less Than an Hour: Learn how to configure, deploy, and test perimeter-based protections in front of a web application hosted on AWS (or your own origin) using Amazon CloudFront, AWS WAF, and AWS Shield Advanced services. The session covers a quick overview of each service and their interoperability, followed by a dive into the management console to configure each service. Level: 200

3:15PM-4:00PM | Soup to Nuts: Identity Federation for AWS: AWS offers customers multiple solutions for federating identities on the AWS Cloud. In this session, we will embark on a tour of these solutions and the use cases they support. Along the way, we will dive deep with demonstrations and best practices to help you be successful managing identities on the AWS Cloud. We will cover how and when to use Security Assertion Markup Language 2.0 (SAML), OpenID Connect (OIDC), and other AWS native federation mechanisms. You will learn how these solutions enable federated access to the AWS Management Console, APIs, and CLI, AWS Infrastructure and Managed Services, your web and mobile applications running on the AWS Cloud, and much more. Level: 200







