Published
AWS provides over 250 services and over 25 regions allowing for a wide range of possible configurations and misconfigurations. Ensuring that all services and regions are being used safely is even more difficult to control and monitor in a multi-account environment. Service control policies are a feature in AWS Organizations that provides a guarantee on what permissions are allowed in member accounts. In this talk, we discuss our experiences with using service control policies to implement a security baseline at Stripe and our lessons learned. The main focus will be how our Cloud Security team was able to reduce the set of allowed AWS services by over 70%, in particular our analysis of data sources such as AWS CloudTrail, billing data, and AWS Config for determining service usage and the testing and deployment process across all our AWS accounts.
About the Speaker
Ava Wang is a Senior Security Engineer on the Cloud Security team at Stripe, where she works on building centralized security controls and detections for the company's cloud environment. She also worked in AWS as a software engineer and was part of the teams that launched Amazon Braket, a quantum computing service, and AWS Security Hub, a cloud security posture management service.
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
SANS Cloud Security focuses the deep resources of SANS on the growing threats to The Cloud by providing training, GIAC certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.
SANS Cloud Security Curriculum: www.sans.org/cloud-security
Follow us on social:
SANS Cloud Security on Twitter: @SANSCloudSec
SANS Cloud Security on LinkedIn: https://www.linkedin.com/showcase/sanscloudsec/
SANS Cloud Security on YouTube: https://www.youtube.com/SANSCloudSecurity
About the Speaker
Ava Wang is a Senior Security Engineer on the Cloud Security team at Stripe, where she works on building centralized security controls and detections for the company's cloud environment. She also worked in AWS as a software engineer and was part of the teams that launched Amazon Braket, a quantum computing service, and AWS Security Hub, a cloud security posture management service.
View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
SANS Cloud Security focuses the deep resources of SANS on the growing threats to The Cloud by providing training, GIAC certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.
SANS Cloud Security Curriculum: www.sans.org/cloud-security
Follow us on social:
SANS Cloud Security on Twitter: @SANSCloudSec
SANS Cloud Security on LinkedIn: https://www.linkedin.com/showcase/sanscloudsec/
SANS Cloud Security on YouTube: https://www.youtube.com/SANSCloudSecurity
- Category
- Management
Be the first to comment
-
29:29
Reducing Security Risks in the Hybrid Workplace with Windows 11 and Surface | OD101
-
54:03
AWS re:Inforce 2022 - Getting more out of your service control policies, featuring Morgan Stanley
-
04:17
Enforce Preventive Guardrails Using Service Control Policies | Amazon Web Services
-
05:40
What Is Attack Surface Management
-
1:03:53
The Multi-Cloud Expedition Episode 6: Modernizing Your Datacenter for Multi-Cloud
-
12:44
The Multi-Cloud Report: Reducing the Energy Consumption of IT Infrastructure
-
58:03
Keynote: Cloud Attack Surface Management - Alex Shulman Peleg
-
05:15
What is Attack Surface Management (ASM)?
-
05:15
What is ASM (Attack Surface Management)?
-
46:51
Cloud Billing best practices: How to set up a Cloud Billing Account and control your cloud costs
-
03:29
Deca Roleplay Video - Lily Papadakis (Marshall) (Business Management)
-
00:20
motivational video for libasna ll inspiration for upsc aspirants ll #short #upse #amitabhbachchan
-
17:46
FreeStyle Libre 3 vs Dexcom G6 | Full Test & Review
-
09:59
Learn Communication Skills | English Speaking | Management Insight #7
-
1:43:58
How to Trade In Stocks By: Jesse Livermore. Complete Audiobook.
-
06:52
Three Questions to Ask Yourself To Be a Great Leader
-
07:35
find your unique style | Style Roots QUIZ + body types
