
CNT 4422 CLOUD SECURITY

AWS AND SECURITY THREAT MODELING
Adjunct Professor Miles
This Video
• Security Threat Modeling
  ◦ AWS Templates
  ◦ AWS Quick Starts
  ◦ Threat Modeling Template
  ◦ Create your own Threat Model in PowerPoint
• Deliverable: Turn in your own Threat Model in PowerPoint
  ◦ Clean it up and make it presentable to the client
• Security Points
  ◦ Understand the ingress and egress of cloud environments
  ◦ Common cloud model breakdown for Infrastructure as a Service
  ◦ Learn how to create your own Threat Models
  ◦ Think Cloud Security

AWS AND THREAT MODELING


AWS Templates and Quick Starts
• Security Threat Modeling
  ◦ AWS Templates
    https://aws.amazon.com/architecture/icons/
    Search AWS PowerPoint Templates
  ◦ AWS Quick Starts
    https://aws.amazon.com/quickstart/
    Search AWS Quick Start
  ◦ Review the Linux Bastion Hosts on AWS – Quick Start
    https://aws.amazon.com/quickstart/architecture/linux-bastion/
  ◦ Assignment: download the AWS templates, review the Quick Start, and create your own model in PowerPoint based on the Bastion Host on AWS. In the next few slides I will cover the threat model, and you will need to create a threat model for the same environment.

AWS TEMPLATES AND QUICK STARTS


[Diagram: cloud basics. Labels: Corporate Network (ACME.COM), Internet, AWS; Cloud Console / API access; Browser (https); SSH Session; Admin, Root, DevOps, AppDev and User accounts; Hacker; Cloud Resources: Network (VPC), Compute (Web Server virtual machine), Storage (S3), Application Layer; numbered callouts 1 to 3.]

CLOUD BASICS
[Diagram: threat model template legend. Symbols: Boundaries (Corporate Network, Internet, AWS), Entity, Cloud Resources, Application Layer, Process, Data Flow, Traffic Initiate; sample flow: Hacker, Port 22, numbered callout 1.]

SECURITY THREAT MODEL TEMPLATE


HOW TO CREATE AN AWS MODEL
https://www.owasp.org/index.php/Application_Threat_Modeling

DEMONSTRATION - HOW TO CREATE A SECURITY THREAT MODEL AND THREAT PROFILE
[Diagram: threat model for the bastion host environment. Labels: Corporate Network (ACME.COM), Internet, AWS; Cloud Console / API access; SSH Client; Browser (https); SSH Session; Admin, Root, DevOps, AppDev and User accounts; Hacker; VPC with Bastion Host (Public Subnet, Port 22), Web Server (Public Subnet, Port 443) and Database Server (Private Subnet); Application Layer; numbered callouts 1 and 2.]

THREAT MODEL
| Threat # | Name | Description | Risk | Mitigation / Security Control | Customer Acceptance |
|---|---|---|---|---|---|
| 1 | SSH | Bastion Host is open to port 22 | (1) Spoofing; (2) Repudiation; (3) Denial of Service | (1) Protect Pem Key; (2) No Sharing of Keys; (3) Restrict Availability | |
| 2 | HTTPS | Public Web Server port 443 / HTTPS | (1) Spoofing; (2) Tampering; (3) Repudiation; (4) Information Disclosure; (5) Denial of Service; (6) Elevation of Privilege | (1) Authentication; (2) Integrity; (3) Non-Repudiation; (4) Confidentiality; (5) Availability; (6) Authorization | |

THREAT PROFILE
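
As an added example (not part of the original slides), the threat profile above can be generated from a list of data flows: every flow that enters the VPC from outside becomes a numbered row, and each STRIDE risk is paired with its standard security property. The `Flow` class, the zone names, the third sample flow and the `boundary_violation` check are assumptions made for this sketch; the derived controls are the generic STRIDE properties, not the slide's specific SSH mitigations.

```python
from dataclasses import dataclass

# STRIDE category -> security property that answers it (standard STRIDE pairing).
STRIDE_CONTROL = {
    "Spoofing": "Authentication",
    "Tampering": "Integrity",
    "Repudiation": "Non-Repudiation",
    "Information Disclosure": "Confidentiality",
    "Denial of Service": "Availability",
    "Elevation of Privilege": "Authorization",
}
EXTERNAL = {"Internet", "Corporate Network"}  # boundaries outside the VPC
EXPOSABLE = {"Public Subnet"}                 # assumption: only zone external traffic may enter

@dataclass(frozen=True)
class Flow:
    name: str     # protocol label, e.g. "SSH"
    src: str      # boundary where the traffic is initiated
    dst: str      # boundary of the receiving process
    target: str   # receiving process
    port: int
    risks: tuple  # STRIDE categories assigned by the analyst

def threat_profile(flows):
    """Return one numbered row per flow that enters the VPC from outside."""
    rows = []
    for f in flows:
        if f.src not in EXTERNAL or f.dst in EXTERNAL:
            continue  # internal or egress traffic is not an ingress entry point
        unknown = [r for r in f.risks if r not in STRIDE_CONTROL]
        if unknown:
            raise ValueError(f"not STRIDE categories: {unknown}")
        rows.append({
            "threat": len(rows) + 1,
            "name": f.name,
            "description": f"{f.target} is open on port {f.port} from {f.src}",
            "risks": list(f.risks),
            "controls": [STRIDE_CONTROL[r] for r in f.risks],
            # Finding: external traffic lands somewhere other than the public subnet.
            "boundary_violation": f.dst not in EXPOSABLE,
        })
    return rows

# Constructed sample model: the two numbered entries from the slide plus one internal hop.
MODEL = [
    Flow("SSH", "Internet", "Public Subnet", "Bastion Host", 22,
         ("Spoofing", "Repudiation", "Denial of Service")),
    Flow("HTTPS", "Internet", "Public Subnet", "Web Server", 443, tuple(STRIDE_CONTROL)),
    Flow("SSH", "Public Subnet", "Public Subnet", "Web Server", 22, ("Spoofing",)),
]

if __name__ == "__main__":
    for row in threat_profile(MODEL):
        print(row)
```
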
• Security Points
  ◦ Understand the ingress and egress of cloud environments
  ◦ Common cloud model breakdown for Infrastructure as a Service
  ◦ Learn how to create your own Threat Models
  ◦ Think Cloud Security
• Threat Modeling
  ◦ https://www.owasp.org/index.php/Application_Threat_Modeling
• AWS Quick Starts
  ◦ https://aws.amazon.com/quickstart/

RESOURCES
