Watch the following great talks about AWS cloud security, presented by a mix of AWS customers and AWS experts.
Topic | Description | Skill Level |
---|---|---|
Introduction to AWS Security | Ensuring security and compliance is a shared responsibility between AWS and the customer. In this session, we introduce the AWS Shared Responsibility Model along with key security services that allow you to build security controls that are aligned to the NIST Cybersecurity Framework categories: identify, protect, detect, respond, and recover. You also hear from a financial institution in Singapore about how they are developing a cloud security strategy that allows innovation within defined risk guardrails. | 100 |
Advanced container security | Learn how to leverage the identity and authorisation, network security and secrets management features of the wider AWS platform for their containers, including Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Container Service for Kubernetes (Amazon EKS). We also discuss best practices for the security of your container images such as scanning them for known vulnerabilities. | 300 |
Cloud security for everyone: Multi-account strategy | The cloud enables every business to have enterprise-grade security. Leveraging multiple accounts is an essential security pattern, even in small teams without dedicated security personnel. In this session, we dive deep into the accounts and learn how to configure them. Attendees are expected to have an understanding of the shared responsibility model and IAM. | 300 |
Cloud-enabled security evolution with Origin Energy | Moving your business to the cloud is a once-in-a-generation opportunity to significantly evolve your security capability and culture. Origin Energy, Australia’s largest energy retailer, started its cloud journey a few years ago. In this session, Origin Energy’s chief security officer and its security lead for cloud discuss their experience transforming a largely outsourced security capability into an in-house, business-aligned team. Learn how the company builds and runs cloud-native security at scale, at low cost, and with improved security. | 200 |
Federated access and authorisation made simple | In this session, learn how to implement attribute-based access control with role-based access control. We discuss how you can use this strategy to ensure that people have the right access to the things they need in their role, and we show you how to simplify their IAM policies in the process. Also learn how automation can deliver the consistency of access and authorisation, and how you can apply this to your environment. | 200 |
How AFL secures real-time player tracking with encryption | Through the sharing of real-time data and insights about the prevailing game and players, fan engagement in sports has been revolutionised. However, the sensitivity, influence, and impact of such data, as determined by various entities in the sports ecosystem, is critical. In this session, discover how a highly secure application has been designed and implemented not only to appease the various sporting entities, but also to ensure data is kept secure. | 300 |
How to put SecOps to work in your organisation | Open Universities Australia (OUA) migrated their core business systems to AWS in 2014 and have continued to optimise their environment on AWS. Leveraging AWS tools, OUA have automated responses to security events, limiting intervention of engineering staff, and enabling secure self-service tasks to simplify access to secure systems. In this session, OUA covers what worked, what didn’t, and what they learned along the way. | 200 |
How Xinja built a neobank on the cloud | Xinja is a 100-percent digital cloud-based neobank composed of a microservices architecture built with Kubernetes and Apache Kafka on AWS and hooked into many modern, cloud-based banking, payment, and channel platforms. This session focuses on how Xinja built its technology stack to exceed stringent security, risk, and resiliency requirements. Learn how it established a contemporary cloud network foundation, delivered transaction and deposit accounts with debit card payment capability, and integrated Apple Pay and Google Pay (including PCI DSS compliance). Additionally, hear how Xinja created multiple on-demand data pipelines and worked with APRA to secure its banking license and revolutionise its customers’ banking experience. | 300 |
The fundamentals of AWS Security | AWS offers an ever-growing landscape of services designed for a wide range of workloads in the cloud. But how do you secure all those different types of workloads? This session, intended for security-minded builders, introduces the fundamental AWS security building blocks that can be simply, easily, and authoritatively applied to anything you build on AWS. | 200 |
IAM: Best practices for managing identity with AWS | AWS Identity and Access Management (IAM) enables you to securely manage access to AWS services and resources. Using IAM, you can create and manage AWS users and groups, as well as use permissions to allow and deny their access to AWS resources. In this session, you learn best practices for managing user identity and permissions with AWS. We examine role-based access control (RBAC) and attribute-based access control (ABAC) models to ensure that people have the right access to what they need to perform their roles. | 200 |
Security best practices: The Well-Architected way | As you continually evolve your use of AWS, it’s important to consider ways to improve your security posture and take advantage of new security services and features. In this session, you explore architectural patterns for meeting common challenges, learn about service limits, and hear some tips and tricks, as well as learn ways to continually evaluate your architecture against best practices. Automation and tools are featured throughout, and we also include code giveaways! | 200 |