Reducing exposure in the cloud (PRT011)

Title

AWS re:Invent 2022 - Reducing exposure in the cloud (PRT011)

Summary

  • The talk focused on the challenges of asset management in the cloud era, where assets are not just physical but also software-defined, such as EC2 instances, containers, roles, policies, Lambda functions, users, and groups.
  • The speaker highlighted the complexity of managing and understanding the relationships between these assets within an organization's sprawling cloud estate.
  • They presented statistics showing the average security team is responsible for over 165,000 cyber assets and uses more than 130 tools, emphasizing the difficulty in correlating data and gaining visibility.
  • The concept of Cyber Asset Attack Surface Management (CAASM) was introduced, which provides persistent visibility and understanding of all assets, both internal and external, through API integration with existing tools.
  • JupiterOne's architecture was explained: it uses a graph data model to normalize and aggregate data from various sources, including CSPs, identity providers, vulnerability scanners, and more.
  • The importance of graph theory in security was discussed, with an emphasis on recognizing interconnected relationships and understanding the tempo of asset turnover.
  • JupiterOne's differentiators were outlined, such as being cloud-native, agentless, and using AWS Neptune for graph database technology, along with their custom J1QL query language for querying data relationships.
  • The speaker provided examples of simple and complex security queries and an AWS security example to illustrate the power of graph-based asset visibility.
  • The talk concluded with the benefits of JupiterOne for inventory management, security operations, cloud posture management, and governance, risk, and compliance.

Insights

  • The transition to cloud computing has significantly increased the number and complexity of assets that security teams must manage, making traditional IP-based asset management approaches insufficient.
  • The use of graph theory and graph databases, like AWS Neptune, can provide a more connected view of assets and their relationships, which is crucial for understanding and mitigating security risks.
  • Cyber Asset Attack Surface Management (CAASM) is emerging as a critical discipline for organizations to gain comprehensive visibility into their cloud assets and manage their security posture effectively.
  • The integration of various security tools and data sources into a centralized platform like JupiterOne can streamline security operations and improve the efficiency of identifying and responding to security threats.
  • The ability to query complex relationships between assets using a specialized query language (J1QL) can empower security teams to uncover hidden risks and dependencies that may not be visible through traditional security consoles or tools.
  • JupiterOne's approach to continuous governance and evidence collection for audits suggests a shift towards more dynamic and ongoing compliance management, as opposed to static, point-in-time assessments.
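
The graph-based relationship query described in the insights above, as an added example that is not from the talk and is neither J1QL nor JupiterOne's data model: a plain-Python traversal that lists every path from the Internet to a data store. The asset names, classes and relationship labels are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: assets and relationships as they might look after
# normalizing several tools' output into one graph. All names are hypothetical.
ASSETS = {
    "Internet": {"class": "Network"},
    "sg-web": {"class": "Firewall"},
    "sg-internal": {"class": "Firewall"},
    "i-web-01": {"class": "Host"},
    "i-batch-01": {"class": "Host"},
    "role-web": {"class": "AccessRole"},
    "role-batch": {"class": "AccessRole"},
    "policy-s3-read": {"class": "AccessPolicy"},
    "policy-logs": {"class": "AccessPolicy"},
    "bucket-customer-data": {"class": "DataStore", "classification": "critical"},
    "bucket-logs": {"class": "DataStore", "classification": "internal"},
}
EDGES = [  # (source, relationship, target)
    ("Internet", "ALLOWS", "sg-web"),
    ("sg-web", "PROTECTS", "i-web-01"),
    ("sg-internal", "PROTECTS", "i-batch-01"),
    ("i-web-01", "USES", "role-web"),
    ("i-batch-01", "USES", "role-batch"),
    ("role-web", "ASSIGNED", "policy-s3-read"),
    ("role-batch", "ASSIGNED", "policy-logs"),
    ("policy-s3-read", "ALLOWS", "bucket-customer-data"),
    ("policy-logs", "ALLOWS", "bucket-logs"),
]


def exposure_paths(assets, edges, start="Internet", target_class="DataStore"):
    """Return every simple path from `start` to an asset of `target_class`."""
    graph = defaultdict(list)
    for src, rel, dst in edges:
        graph[src].append((rel, dst))
    found, stack = [], [(start, [start])]
    while stack:
        node, path = stack.pop()
        if node != start and assets[node]["class"] == target_class:
            found.append(path)
            continue
        for rel, dst in graph[node]:
            if dst not in path:  # never revisit an asset on the same path
                stack.append((dst, path + [rel, dst]))
    return found


for p in exposure_paths(ASSETS, EDGES):
    print(" -> ".join(p), "| classification:", ASSETS[p[-1]]["classification"])
```

Only the critical bucket is reported: the internal log bucket sits behind a security group with no inbound edge from the Internet, a distinction that per-tool asset lists cannot show without the joined relationships.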