If you haven’t had the opportunity to watch the AWS State of the Union address yet, you can view it here.
We at Fishtech want to take a moment to share a few of our key notes and takeaways.
First, we all were very pleased as the entire speech aligned and acted as a perfect reinforcement centered around many topics we have been discussing internally. Specifically, some of these conversation topics include:
Don’t patch applications/systems in place – Blue/Green Deploys are the way to go. (Stay tuned for future blog posts on how Fishtech manages continuous deployments.)
- With the move to the cloud and away from traditional infrastructure, as well as the rise of Everything-as-Code, an important, new vector of attack is source/version control repositories. Who’s checking in code, why, and what’s been changed?
- “The single most valuable asset in your organization is a good security engineer. They’re the only person that can make a reasoned judgement about the grey area that exists in security.” -Machine learning should be used to augment the security engineer’s capabilities.
Some other cool highlights
- AWS GuardDuty reads your logs generated across all of the AWS services you’re using, and uses machine learning and anomaly detection to identify hidden threats in your AWS environment. It’s already integrated with partners such as Evident.io, SumoLogic, and Splunk. Companies such as Amazon.com and Netflix are using this service today.
- Warner Brothers developed a tool in house for automating vulnerability management in AWS (via AWS Inspector). They released this project as open source.
- S3 Buckets can have a default encryption setting, and has an inventory tool to see what’s encrypted or not.
- S3 Buckets now have a bright orange label specifying if it’s Public.
And finally, just 1 AWS service produces 27 PETABYTES of logs a DAY. WOW!
Consider investing remaining Q4 monies in an Incident Response Retainer Plan for your business. Cyderes is currently offering spectacular first-look pricing for protecting your data in 2018.