These Top Ten AWS Security Best Practices were put together by cloud security practitioners with over a decade of combined experience securing large AWS deployments.
You will discover how most of these best practices are very easy to implement and go a very long way to ensuring your success on AWS.
Evident.io’s John Robel, Principal Solutions Architect, and 2ndWatch’s Kevin Dillon, Solution Architect, provide actionable information that can be implemented immediately regarding how to:
- Disable Root API Access Key and Secret Key
- Enable MFA Tokens Everywhere
- Reduce Number of IAM Users with Admin Rights
- Use Roles for EC2
- Least Privilege: Limit what IAM Entities Can Do with Strong Policies
- Rotate all the Keys Regularly
- Use IAM Roles with STS AssumeRole Where Possible
- Use AutoScaling to Dampen DDoS Effects
- Do Not Allow 0.0.0.0/0 Unless You Mean It
- Watch World-Readable and Listable S3 Bucket Policies
John Robel is a Principle Solutions Architect for Evident.io with over 20 years experience, and his previous role was as a Senior Technical Account Manager at AWS where he managed customer relationships with some of the largest AWS enterprise customers like Netflix and Adobe. John is an AWS Certified Solutions Architect and has been both Cisco Certified as a Network Associate and ITIL Foundation certified.
Kevin Dillon is a Solutions Architect with 2nd Watch and has over 20 years’ experience building and managing high-performing teams with extensive industry experience with hedge funds and asset management firms. Kevin lives in the New York city area.
In this webcast, John Martinez will lead a deep dive discussion and provide a live demonstration of how to improve security awareness between IT, Dev, and Ops teams, as well as provide some real-world (code) examples on how to bring security into your application delivery model to reduce risks with DevOps integration and security and compliance automation.
Date: April 21, 2016
Time: 1:00pm EST / 10:00AM PST
Duration: 1 Hour