AWS re:Invent 2022
A Deep Dive on the Current Security Threat Landscape with Aws Net207

Title

AWS re:Invent 2022 - A deep dive on the current security threat landscape with AWS (NET207)

Summary

  • The session focused on the current security threat landscape, particularly DDoS attacks, web application vulnerabilities, and botnets.
  • Steve, a partner solutions architect for security at AWS, and Fola, a security engineer from the AWS Shield Response Team, presented the session.
  • They discussed AWS services that help mitigate threats, such as AWS Shield, AWS WAF, and AWS Network Firewall.
  • Insights from AWS's massive infrastructure and threat intelligence were shared, including data on common threats and attack vectors.
  • The shared responsibility model was emphasized, highlighting AWS's role in securing the cloud and the customer's role in securing their applications.
  • Real-world examples were provided to illustrate how AWS protects customers and how customers can protect themselves using AWS services.
  • Best practices and remediation strategies were discussed, including leveraging AWS's infrastructure and following AWS's prescriptive guidance.
  • The importance of automatic remediation and managing credentials securely to avoid security events was stressed.

Insights

  • The threat landscape is evolving, with a 39% increase in DDoS attacks compared to the previous year, attributed to the growth of proxies and botnets.
  • AWS's global infrastructure provides a unique vantage point to observe and analyze internet traffic, allowing AWS to create protections for customers.
  • AWS Shield Advanced offers additional benefits, including access to the Shield Response Team and cost protection during scaling due to DDoS attacks.
  • Web application vulnerabilities remain a significant threat, with code injection being the most common attack vector.
  • Botnets are a major contributor to DDoS attacks and web exploits, with vulnerable internet devices being recruited for malicious purposes.
  • The shared responsibility model is crucial, with AWS securing the cloud infrastructure and customers responsible for securing their systems.
  • Automatic remediation is a key strategy in managing security threats, as it allows for immediate neutralization of threats such as exposed credentials.
  • Best practices include limiting the use of root accounts, securing pathways to data, implementing a defense-in-depth strategy, and having a tested backup and recovery strategy.
A Day in the Life of a Billion Requests Sec404A Deployment Is Not a Release Control Your Launches Wfeature Flags Boa305 R