AWS ‐ Security Controls - FullstackCodingGuy/Developer-Fundamentals GitHub Wiki

Objectives

Cloud Security Policies

Best Practices for Endpoint Security

  • Always use HTTPS
  • Enforce Strong Authentication
  • Use one-way password hashing
  • Utilize Rate Limiting
  • Require IP Filtering
  • Apply Input Validation

Passwords

Account Lockout Policies

  • Controlling Access
    • Blacklisting
    • Whitelisting

Cloud User Permissions

HIDS (Host-based Intrusion Detection Systems)

  • It evaluates the incoming and outgoing traffic of the host

  • It uses Signature based detection

  • Monitor and analyze systems

  • Monitor and analyze network packets

HIPS (Host-based Intrusion Prevention Systems)

  • It protects the network systems

Hardened Baselines for App Security

AWS Firewall Manager

  • It helps manage firewall rules
  • Deploy rules
  • Enforces security policies
  • Deploy baseline security group rules

AWS Firewall Manager: Use Cases

  • To Protect Applications
  • To Deploy Tools
  • To Audit Resources

AWS Firewall Manager: Features

  • Centrally deploy AWS firewall rules
  • Deploy security groups and rules across all your accounts and VPCs
  • Audit security groups
  • Enforce Compliance
  • Enforce rules in a hierarchical manner
  • Enable cross-account protection policies
  • Group Resources
  • Manage AWS Marketplace apps

AWS Firewall Manager: Policies
