Provable access control: Know who can access your AWS resources
The AWS Automated Reasoning Group focuses on strengthening the security foundations of AWS and provides customers with tools to verify their own security posture. In this session, we discuss the evolution of automated reasoning technology at AWS and how it works in the services in which it is embedded, including Amazon Simple Storage Service (Amazon S3), AWS Config, and Amazon Macie. Learn what's ahead for automated reasoning at AWS and the customer problems it continues to solve in the security and broader cloud space.
AWS re:Invent
59 min
Security best practices for the Amazon EC2 instance metadata service
Mark Ryland
The Amazon EC2 instance metadata service (IMDS) provides a rich set of relevant data to software on that instance. The IMDS ability to perform introspection about the runtime environment, as well as β¦
YaTalks
28 min
DDoS-Π°ΡΠ°ΠΊΠ° MΔris ΠΈ ΠΊΠ°ΠΊ Π―Π½Π΄Π΅ΠΊΡ Π΅Ρ ΠΏΠ΅ΡΠ΅ΠΆΠΈΠ»
ΠΠΌΠΈΡΡΠΈΠΉ ΠΠΎΡΠΎΠ²
ΠΠ°ΠΆΠ΅ΡΡΡ, ΡΡΠΎ ΡΠΆΠ΅ Π²ΡΠ΅ ΡΠ»ΡΡΠ°Π»ΠΈ ΠΎ ΡΠ°ΠΌΠΎΠΉ ΠΌΠ°ΡΡΡΠ°Π±Π½ΠΎΠΉ DDoS-Π°ΡΠ°ΠΊΠ΅ Π² ΠΈΡΡΠΎΡΠΈΠΈ ΠΈΠ½ΡΠ΅ΡΠ½Π΅ΡΠ° β MΔris. ΠΡΠ΅Π½Ρ ΠΌΠ½ΠΎΠ³ΠΎΠ΅ Π² ΡΡΠΎΠΉ ΠΈΡΡΠΎΡΠΈΠΈ ΠΏΠΎΠΊΠ° Π΅ΡΡ ΠΏΡΠΎΡ ΠΎΠ΄ΠΈΡ Β«ΠΏΠΎΠ΄ Π³ΡΠΈΡΠΎΠΌ ΡΠ΅ΠΊΡΠ΅ΡΠ½ΠΎΒ». ΠΠΎ ΡΠ΅ΠΉΡΠ°Ρ ΠΌΡ Π³ΠΎΡΠΎΠ²Ρ ΠΏΠΎΠ΄Π΅Π»ΠΈΡΡΡΡ Π±ΠΎΠ»ΡΡΠΎΠΉ ΡΠ°Ρβ¦
YaTalks
29 min
ΠΠ΅Π½ΠΎΠΌΠ½Π°Ρ ΠΏΠ°ΡΠΏΠΎΡΡΠΈΠ·Π°ΡΠΈΡ ΡΠΎΡΡΠΈΡΠ½ Π² ΡΠ΅ΠΆΠΈΠΌΠ΅ ΡΠΊΡΠΏΠΎΠ½Π΅Π½ΡΡ Ρ ΡΠΎΡΠΊΠΈ Π·ΡΠ΅Π½ΠΈΡ Π±ΡΠΊΠ΅Π½Π΄Π°
ΠΠ»Π°Π΄ΠΈΠΌΠΈΡ ΠΡΡΠ΅Π²
Genotek Π±ΡΠ» ΡΠΎΠ·Π΄Π°Π½ Π² 2010 Π³ΠΎΠ΄Ρ, ΡΡΠΎΠ±Ρ ΠΏΡΠ΅Π΄ΠΎΡΡΠ°Π²ΠΈΡΡ ΡΠ΅Π»ΠΎΠ²Π΅ΠΊΡ Π³Π΅Π½Π΅ΡΠΈΡΠ΅ΡΠΊΡΡ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΡ ΠΎ Π΅Π³ΠΎ Π·Π΄ΠΎΡΠΎΠ²ΡΠ΅, ΠΌΠ΅Π΄ΠΈΡΠΈΠ½ΡΠΊΠΈΡ ΡΠΈΡΠΊΠ°Ρ , ΡΠΏΠΎΡΠΎΠ±Π½ΠΎΡΡΡΡ ΠΈ Π³Π΅Π½Π΅Π°Π»ΠΎΠ³ΠΈΠΈ, ΠΈ ΡΠ΄Π΅Π»Π°ΡΡ ΠΏΠ΅ΡΡΠΎΠ½ΠΈΡΠΈΡΠΈΡΠΎΠ²Π°Π½Π½ΡΡ ΠΌΠ΅Π΄ΠΈΡΠΈΠ½Ρ Π΄ΠΎΡΡΡΠΏΠ½ΠΎΠΉ Π΄Π»Ρβ¦
ITeaConf
32 min
ΠΠΎΠ½ΠΎΠ»ΠΈΡ -> ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡ -> ?
ΠΠ½Π΄ΡΠ΅ΠΉ ΠΠ΅Π»ΠΈΡ ΠΎΠ²
Π Π°Π·Π±ΠΈΠ²Π°Ρ Π½Π°Ρ JavaScript-ΠΌΠΎΠ½ΠΎΠ»ΠΈΡ (ΠΊΡΠ΄Π° Π±Π΅Π· Π½Π΅Π³ΠΎ) ΠΌΡ ΠΊΠΎΠΌΠΏΠ°Π½ΠΈΠΈ Osome Π΄Π²ΠΈΠ½ΡΠ»ΠΈΡΡ Π΄Π°Π»ΡΡΠ΅ ΠΌΠΈΠΊΡΠΎΡΠ΅ΡΠ²ΠΈΡΠΎΠ² ΠΈ ΡΡΠ°Π·Ρ ΠΏΠ΅ΡΠ΅Π²Π΅Π·Π»ΠΈ Π²ΡΡ Π½Π° ΡΡΠ½ΠΊΡΠΈΠΈ, ΠΎΡΠΊΠ°Π·Π°Π²ΡΠΈΡΡ ΠΎΡ Koa, Express, Nest ΠΈΠ»ΠΈ ΠΈΠ½ΡΡ ΡΠ΅ΡΠ΅Π½ΠΈΠΉ. ΠΠ°ΡΠΈΠΌ Π½ΠΎΠ²ΡΠΌ ΡΡΠ΅ΠΉβ¦
NDC DevOps
59 min
It's A Trap!
Sam Newman
The growth of the public cloud market is obvious to everyone. But whatβs less well known is that enterprises are still growing the infrastructure and services they run for themselves. A host of reasoβ¦
NDC DevOps
58 min
Top Secret Cloud Native Security Lessons
Ben Hall
Cloud native technologies such as Kubernetes, Docker, Istio and more are becoming the foundations of software development and infrastructure deployments. With these new technologies, a new set of lesβ¦
JSConf Budapest
23 min
StrangerDanger: Finding Security Vulnerabilities Before They Find You!
Liran Tal
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. Youβre introducing someone elseβs code into your system, often with littβ¦
YaTalks
62 min
99,99: ΡΡΠΎ ΡΠ΄Π΅Π»Π°ΡΡ, ΡΡΠΎΠ±Ρ Π²Π°Ρ ΡΠ΅ΡΠ²ΠΈΡ ΡΡΠ°Π» Π½Π°Π΄ΡΠΆΠ½ΡΠΌ
ΠΠΌΠΈΡΡΠΈΠΉ ΠΠΎΡΠΎΠ², ΠΠ²Π³Π΅Π½ΠΈΠΉ Π ΠΎΡΠΈΠ½ΡΠΊΠΈΠΉ, ΠΠ»Π΅ΠΊΡΠ°Π½Π΄Ρ ΠΡΠ΅Π½ΠΎΠ², ΠΠ°ΡΠ΅ΠΊ Π’Π°ΡΠ΅Π²ΠΎΡΡΠ½
ΠΠΎΠ³ΠΎΠ²ΠΎΡΠΈΠΌ ΠΎ ΠΊΠΎΡΠΌΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΡΠ°Π±ΠΈΠ»ΡΠ½ΠΎΡΡΠΈ ΠΈ ΠΎΡΠΊΠ°Π·ΠΎΡΡΡΠΎΠΉΡΠΈΠ²ΠΎΡΡΠΈ. Π‘Π΅ΡΠ²ΠΈΡΡ ΡΠΎ ΡΡΠ°Π±ΠΈΠ»ΡΠ½ΠΎΡΡΡΡ 99.99. ΠΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎ Π»ΠΈ ΡΡΠΎ? ΠΡΠ»ΠΈ Π΄Π°, ΡΠΎ ΠΊΠ°ΠΊ ΡΡΠΎ ΡΠ΅Π°Π»ΠΈΠ·ΠΎΠ²Π°Π½ΠΎ Π² ΡΠ°Π·Π½ΡΡ ΠΊΠΎΠΌΠΏΠ°Π½ΠΈΡΡ . ΠΠ°Ρ Ρ Π²Π°ΠΌΠΈ ΠΆΠ΄ΡΡ Π΄ΠΈΡΠΊΡΡΡΠΈΡ ΠΎ ΡΠΎΠΌ: ΠΠ°ΠΊ β¦
DotNext
49 min
Deserialization vulns: past, present, and future
ΠΠΈΡ Π°ΠΈΠ» Π©Π΅ΡΠ±Π°ΠΊΠΎΠ²
ΠΠΊΡΠΏΠ΅ΡΡ ΠΈΠ· ΠΌΠΈΡΠ° security Π²Π½ΠΎΠ²Ρ ΡΠ°ΡΡΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ ΡΠ°ΠΌ ΠΎΠΏΠ°ΡΠ½ΠΎ ΠΈ ΡΡΠΎ Ρ ΡΡΠΈΠΌ Π΄Π΅Π»Π°ΡΡ. Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ Π² ΠΏΡΠΎΡΠ΅ΡΡΠ΅ Π΄Π΅ΡΠ΅ΡΠΈΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ Π½Π΅Π΄ΠΎΠ²Π΅ΡΠ΅Π½Π½ΡΡ Π΄Π°Π½Π½ΡΡ ΠΈΠ·Π²Π΅ΡΡΠ½Ρ Π±ΠΎΠ»Π΅Π΅ 10 Π»Π΅Ρ, Π²ΠΊΠ»ΡΡΠ΅Π½Ρ Π² OWASP Top 10 ΠΈ Π·Π° ΠΏΠΎΡΠ»Π΅Π΄Π½ΠΈΠ΅ Π½β¦
TechTrain
67 min
ΠΠ²ΠΎΠ»ΡΡΠΈΡ ΡΠΏΠΎΡΠΎΠ±ΠΎΠ² ΡΠΎΡ ΡΠ°Π½Π΅Π½ΠΈΡ ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ Π² ΡΠ΅ΠΊΡΠ΅ΡΠ΅
ΠΠ»Π΅ΠΊΡΠ°Π½Π΄ΡΠ° ΠΠ°Π»ΠΈΠ½ΠΈΠ½Π°
ΠΠ°ΠΆΠ΄ΡΠΉ ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠΈΡΡ Π² ΡΠ²ΠΎΠ΅ΠΉ ΠΆΠΈΠ·Π½ΠΈ Π²ΡΡΡΠ΅ΡΠ°Π΅ΡΡΡ Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠ΅ΠΉ, ΠΊΠΎΡΠΎΡΡΡ Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ Π΄Π΅ΡΠΆΠ°ΡΡ Π² ΡΠ΅ΠΊΡΠ΅ΡΠ΅: ΠΏΠ°ΡΠΎΠ»ΠΈ ΠΊ ΡΡΠ΅ΡΠΊΠ°ΠΌ, ΡΠ΅ΠΊΡΠ΅ΡΠ½ΡΠ΅ ΠΊΠ»ΡΡΠΈ Π΄ΠΎΡΡΡΠΏΠ°, CVV ΠΊΠΎΠ΄ ΠΎΡ ΠΊΠ°ΡΡΠΎΡΠΊΠΈ, Π² ΠΊΠΎΠ½ΡΠ΅ ΠΊΠΎΠ½ΡΠΎΠ². ΠΠ΄Π½Π°ΠΊΠΎ Π½Π΅ ΠΊΠ°ΠΆΠ΄ΡΠΉ ΡΡΠ°Π·β¦
AWS re:Invent
56 min
National Australia Bank: Automating governance in Financial Services
Christopher Miras, Yuri Belenky
National Australia Bank (NAB) is migrating hundreds of sensitive, regulated financial workloads to the cloud. This session focuses on the automated approach that NAB has taken to evolve and scale itsβ¦
MinskJS
20 min
ΠΠ΅Π·ΠΎΠΏΠ°ΡΠ½ΡΠΉ input. Π‘Π±ΠΎΡ Π΄Π°Π½Π½ΡΡ ΠΏΠ»Π°ΡΡΠΈΠΊΠΎΠ²ΠΎΠΉ ΠΊΠ°ΡΡΡ Π² iframe
ΠΠ΄ΡΠ°ΡΠ΄ Π’ΠΈΡΠΎΠ²
Β«ΠΠΎΠΊΠ»Π°Π΄ ΠΎΠ± ΠΎΡΡΠΈΡΠΎΠ²ΠΊΠ΅ ΡΠΎΡΠΌΡ Π² iframeΒ», β ΡΠΊΠ°ΠΆΠ΅ΡΠ΅ Π²Ρ. Π Π΄Π°, ΠΈ Π½Π΅Ρ. ΠΡΠ΄Π΅Ρ Π½Π΅ ΡΠΎΠ»ΡΠΊΠΎ ΡΠΎΡΠΌΠ°, Π΄Π° ΠΈ iframe Π±ΡΠ΄Π΅Ρ Π½Π΅ ΠΎΠ΄ΠΈΠ½, ΠΏΠΎΡΠΊΠΎΠ»ΡΠΊΡ ΠΎΡΡΠΈΡΠΎΠ²Π°ΡΡ ΡΠΎΡΠΌΡ β ΡΡΠΎ Π΄Π°Π»Π΅ΠΊΠΎ Π½Π΅ Π²ΡΡ. ΠΡ ΡΠ·Π½Π°Π΅ΡΠ΅, ΡΡΠΎ Π½ΡΠΆΠ½ΠΎ ΡΠ΄Π΅Π»Π°ΡΡ Π΄Π»Ρ Π±Π΅β¦
swampUP
25 min
Lesson Learned From Cloud Migrations: Planning is Everything
Chris Short
βMigrating to the cloud saves money!β βNot running your own infrastructure reduces your bottom line!β βLift and shift is a legitimate first step towards moving to the cloud!β These are all potential β¦