AWS Security Customer Presentation:

Integrated Security & Operations for Scaling Securely in AWS

• Security for Software Defined World

• Threat Stack Cloud Security Platform• DevOps and Security Worlds

• Threat Stack Customer Success Stories

Agenda

Threat Stack Team

Vikram VarakantamDirector, Products and Customer Development

Background:

Vikram Varakantam is Director, Products and Customer Development at Threat Stack

Vikram is a long time veteran of security products domain with Senior Product Management roles managing IPS, Fireall and Security Services products at Cisco Systems Inc.

Software Defined Infrastructure The Shifting Paradigm

Security for Software Defined World ?

Devops and Sec image, courtesy of @petecheslock #devopsdays

Worlds of DevOps and Security

• Culture, Collaboration• Continuous Operations at Scale• Repeatability, Scale and

Automation, API• Well Known Orchestrated

Baselines • KISS Principles• Tight Feedback Loops

• Continuous Risk Management• Information sharing on as

needed basis• Solutions for specific domain

functions• Compliance and Reporting• Industry Benchmarks and

Compliance Policies (CIS, PCI, NIST)

DevOps

Philosophy & Tooling

Feedback & Hygiene

Traditional Security

Security Must Evolve With You

Deploy Operate Investigate

CLOUD SECURITY PLATFORM FOR START-UPS, HIGH GROWTH & ENTERPRISE Modern Infrastructure Requires Modern Security.

Vulnerability Management

Threat Intelligence

Compliance Reporting

Infrastructure Monitoring

Workload

Insights

Cloud Native. Platform Independent. Fully Integrated.

INCREASE VELOCITY OF YOUR SECURITY OPERATIONS

Time to detection: Go from 4 hrs to 4 minutes

GAIN COMPLETE VISIBILITY INTO BEHAVIOR

Know Who, What, Where, When across your entire environment

CONTINUOUS SECURITY MONITORING & VISIBILITY, IN ONE PLACE

No need to chase down fragmented data points from multiple tools

ASSURE COMPLIANCE FOR YOU & YOUR CUSTOMERS

Automatically implement effective controls, policies & procedures to protect data and meet compliance

Why Threat Stack?

v

v

Some of our Trusted Customers

Threat Stack Customer Story:

Ilya KalininSenior DevOps Engineer

Background:

IIya Kalinin is a Senior DevOps Engineer at AdRoll, #1 retargeting Adtech platform.

IIya is a leading DevOps practitioner involved in large scale Infrastructure Management automation projects leveraging tools as Jenkins, Docker, Ansible, Terraform, AWS.

AdRoll Infrastructure Overview

• Highly Elastic Infrastructure with 1000-1500 Instances

• Distributed Development teams with multiple configuration management toolsTerraform, Ansible, Puppet...

• System Components are treated as Separate Services from a operations point of view

• Developers need continuous access to troubleshoot, support their own services in production

• SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity

• Every service is using an AMI pre-approved by SRE team to baseline deployments

Key Use Cases for Cloud Security

Get Visibility

Trust But Verify

Enforce Rules-based

Behavior

• Developers need continuous access to troubleshoot, support their own services in production

• SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity

• Integrating Security across multiple Services across the AdRoll Infrastructure

• Enforcing Security Policy at Scale

• Integrating Security into Existing Engineering Practices without any disruption

Threat Stack Workflow

• Threat Stack Agent Integrated into AMI images pre-approved by SRE with various deployment automation tools for coverage across all Services.

• Security Monitoring on per service basis using custom ruleset to baseline each service behaviors.

• Initial challenges in adopting Threat Stack is deriving per service baselines and an initial rule set.

• Daily and weekly alert review, create suppression rules for new or changed baselines creation advice: better let some noise come through than miss something important.

Ilya’s Cloud Security Advice…

Be PatientCloud Security is important and important things take time to get right.

Build vs. BuyDo the calculations – you might be surprised by the cost of building…

Ask for HelpThreat Stack cloud security experts are always available to help; you don’t have to know all of the answers

Threat Stack Customer Story:

Anshu GuptaDirector of Information Security

Background:

Anshu Gupta is the Director of Information Security at HelloSign, a leading eSignature company.

Anshu is a long time security practitioner, having served as a trusted advisor on information security issues to Fortune 500 companies at Ernst & Young and KPMG and recently in senior security management roles at Esurance and Coupa Software.

Infrastructure Overview

• Highly orchestrated Dynamic Infrastructure with sophisticated Operations and Security Teams

• Infrastructure, tools and operational models designed to support rapid company growth

• Tight collaboration between DevOps and Security teams to manage Risk and Compliance Objectives

Key Use Cases for Cloud Security

ComplianceDerivatives

• Security as an accelerator for Business growth in partnership with Developers and Operations team

• Security tools designed for DevOps workflow and scale to known mature Security Functions (File Integrity Monitoring, Vulnerability Management)

• Enforcing Security Policy at Scale as business grows

• Support Compliance objectives with least overhead

• Augment Security mindshare through engagement model.

IntegratedSecurity

Multiple Security Functions

HelloSign : Why Threat Stack?

• Cloud native platform preferred by our DevOps team

• Threat Stack Team - engineering company with a solid product

• Exceptional support with service centric mindset

• Greater visibility into our environment using a single tool

Anshu’s Cloud Security Advice…

Modern ApproachCloud Security requires a new approach that fits well with the dynamic world

Security and ComplianceCombine functions – you might be surprised how both these worlds are so closer in the new world

Demand more..Threat Stack Cloud Security as an extended resource to augment Security mindshare.

Start Securing Your AWS Infrastructure

Next Steps and Trial Offer

Start continuously monitoring your AWS environment today with Threat Stack

We can help with every step along your cloud security journey!http://get.threatstack.com/aws-security-week

AWS Security Week Workshop

Integrated Security & O

Pete CheslockHead of Ops & Support@petecheslock

Tim ArmstrongProduct Marketing Manager@_timarmstrong

Continuous AWS Security Monitoring Platform