RSAC2019PPT资源-CSDN文库

共49个文件

pdf：49个

RSAC

需积分: 11 191 浏览量 2019-04-17 20:44:58 上传评论收藏 193.05MB ZIP 举报

资源详情

资源评论

收起资源包目录

2019.3.4 RSAC2019PPT.zip （49个子文件）

bac-t08-mechanical-backdoors-in-cold-war-encryption-machines.pdf 5.76MB

bac-t08r-mechanical-backdoors-in-cold-war-encryption-machines.pdf 5.76MB

asd-f02-devsecops-for-the-rest-of-us.pdf 1.07MB

cryp-r02-mac-and-authenticated-encryption_sasaki.pdf 1.04MB

air-t07-att_ck-in-practice-a-primer-to-improve-your-cyber-defense.pdf 4.9MB

csv-f02-democratizing-cloud-security-journey-to-secure-the-public-cloudl.pdf 43.12MB

csv-w02r-protecting-the-cloud-with-the-power-of-cloud.pdf 4.09MB

bac-t07-blockchainification-of-cyber-supply-chain-risk-hype-vs-hope-final.pdf 3.61MB

csv-w03-securing-cloud-native-applications-at-scale.pdf 2.1MB

csv-w10-treating-cloud-specific-threats-with-automatic-remediation.pdf 5.06MB

cryp-f02-secure-computation_zhao.pdf 1.44MB

csv-t09-security-at-the-speed-of-devops-a-reality-check.pdf 5.16MB

bac-w02-automated-fault-analysis-of-block-cipher-implementations.pdf 2.55MB

asd-f01-threat-modeling-in-2019.pdf 26.08MB

cryp-t07-id-based-and-predicate-encryption_mukherjee.pdf 1.74MB

csv-r11-the-advantage-of-ignoring-the-long-tail-of-security-a-product-view.pdf 909KB

asd-w10-practical-approaches-to-cloud-native-security.pdf 5.26MB

cryp-r03-side-channel-and-leakage-resilience_david.pdf 1.26MB

bac-w03-demystifying-quantum-computers-final.pdf 1.14MB

cryp-w03-foundation_wood.pdf 1.48MB

cryp-f02-secure-computation_schabhueser.pdf 1.19MB

air-f01-use-model-to-deconstruct-threats-detect-intrusion-by-statistical-learning.pdf 2.46MB

cryp-r09-block-cipher-cryptanalysis_ito.pdf 1.49MB

csv-f03-secure-innovation-in-public-cloud-myth-or-reality.pdf 3.6MB

asd-w02-will-your-application-be-secure-enough-when-robots-produce-code-for-you.pdf 3.27MB

bac-t09-cryptojacking-what_s-in-your-environment-final.pdf 5.52MB

csfp-w03-building-a-defensible-cyberspace-2025.pdf 319KB

csfp-w03-building-a-defensible-cyberspace-2025_handout.pdf 810KB

csfp-w10-cybersecurity-futures-2025.pdf 5.65MB

cryp-t07-id-based-and-predicate-encryption_blazy.pdf 1.42MB

csv-w02-protecting-the-cloud-with-the-power-of-cloud.pdf 4.09MB

cryp-w12-post-quantum-cryptography_eskandarian.pdf 647KB

bac-r11-how-bad-incentives-led-to-crypto-mining-malware-and-what-to-do-about-it.pdf 6.17MB

csv-r02-kubernetes-runtime-security-what-happens-if-a-container-goes-bad.pdf 2.81MB

air-r02-how-cti-can-play-a-key-role-to-get-security-on-board.pdf 3.16MB

cryp-t08-homomorphic-encryption_izabach_ne.pdf 828KB

csv-w12-red-team-view-gaps-in-the-serverless-application-attack-surface.pdf 2.27MB

csv-f01-securely-deploying-micro-services-containers-and-serverless-paas_web-apps.pdf 5.28MB

cryp-t09-functional-encryption_razvan1.pdf 1.36MB

csv-t06-building-a-leading-cloud-security-program.pdf 316KB

air-r11-incident-response-beyond-enterprise-it_final.pdf 1.16MB

csfp-w12-you_ve-predicted-the-future-now-what-pulling-the-right-security-levers.pdf 4.66MB

asd-r02-container-security-at-the-speed-of-cicd.pdf 2.34MB

csfp-w05-how-to-eliminate-a-major-vulnerability-in-the-cybersecurity-workforce.pdf 14.82MB

bac-r09-using-high-entropy-encryption-for-enterprise-collaboration-final.pdf 848KB

cryp-t09-functional_encryption_razvan2.pdf 1.95MB

cryp-w03-foundation_auerbach.pdf 1.14MB

cryp-r11-block-cipher-design-and-evaluation_hu.pdf 1.59MB

asd-r03-stop-that-release-theres-a-vulnerability.pdf 1.6MB

SESSION ID:

#RSAC

Hardeep Singh

Democratizing Cloud Security

Our Journey To Secure The Public Cloud

CSV-F02

Sr Principal Security Engineer

Symantec Corporation/Cloud Platform Engineering

Yunchao Liu

Sr Software Engineer

Symantec Corporation/Cloud Platform Engineering

#RSAC

Why The Need To Democratize Security?

Centralized static bureaucracy

Decentralized, agile adhocracy

On Premise – Private, limited

resources, defined vectors

Public Cloud – Unlimited

resources, unrestricted vectors

Strict separation of duties

DevOps wear many hats

Centralized SOC – Antiquated policies to secure them all

#RSAC

Journey To Secure The AWS Environment

 Establish a cloud based security maturity framework

 Identify security controls for environment

 Implement processes & services for operators

 Extend framework to cover forensics & SDLC

 Implement processes & services for developers

& responders

 Integrate compliance & audits

into the framework

 Automate enforcement &

remediation

#RSAC

Security Maturity Framework

Established a working group of security leads from all BU’s

Identified ownership at all levels

Built consensus

Identified account onboarding

process

Identified time lines for

compliance

Defined security maturity polices

Observable, actionable &

enforceable polices only

Started with baseline CIS AWS

recommendations

Extended to identify insecure

resources

Enhanced to cover internal polices,

SDLC, forensics & compliance

Enforced compliance

•Established an exception process

•Created detailed reports on non

compliance

•Automated enforcement

•Created services to help

operators, developers &

responders in implementing

security policies

#RSAC

Security Maturity Policies

AWS Environment

Optimize IAM users & policies

All audit logs centralized

Restrict public access to resources

Encrypt all storage resources

Define a mandatory tagging policy

Facilitate Incident responders

(reactive)

SDLC

Golden Image - scans in build cycle

TVM- Response to new CVE’s

Threat Modeling of all services

Secret & credentials management

Pen testing, game days, bug bounties

Auditable processes

评论收藏

内容反馈

RSAC2019PPT

评论0

最新资源

RSAC2019PPT

评论0

最新资源

相关推荐

RSA加密算法.ppt

RSA的ppt 蛮不错啊 看看

RSA算法ppt 实现过程

RSA：原理及应用和攻击ppt.pdf

RSA 2018大会

Python程序设计：RSA 数据加密.pptx

RSAC-2020-PPT-002.zip

RSAC-2020-PPT-001.zip

RSA算法.ppt.ppt

RSAC-2020-PPT-004.zip

网络安全 RSAC2015

RSAC-2020-PPT-003.zip

rsa加密算法PPT学习教案.pptx

密码学基础课件：第十四讲 RSA实现.ppt

网络安全 RSAC2015 报告2：赵粮：智慧安全—基于数据和情报的对抗.pdf

2020RSAC2.rar

RSA算法PPT

RSAc.rar_rsac++

RSA算法改进.ppt

网络安全 RSAC2015 -3

RSA加解密 RSA C源程序

RSAC和电子数据取证.pdf

最新版ISO/IEC 27001:2022、ISO 27002:2022中英文合集

Goby红队版-win-x64-2.4.7版本

Chrome Header Editor 插件

ISO SAE 21434-2021 中文版.pdf

RSA的ppt 蛮不错啊看看