Mittwoch, 22. Januar 2020
Jungheinrich Digital Solutions (the IOT People of Jungheinrich) is happy to present to great Talks:
- The Good, the Bad and the Ugly — one year of integrating AWS security services by Vladyslav Cherednychenko (Information Security Engineer)
- GraphQL API - an introduction by Nils Hartmann (freelance software developer, trainer and coach)
The Good, the Bad and the Ugly — one year of integrating AWS security services by Vladyslav Cherednychenko (Information Security Engineer)
So you’re running all your applications in one AWS account. You have EC2 instances behind load balancers, security groups are not too permissive, S3 buckets are not public… You are still managing to take care of all IAM users and roles by occasionally looking into access advisor, the sky is blue and the grass is green. But your infrastructure keeps growing and now you have 2, 5, 10, wait for it, 50 (!?) AWS accounts to manage, dozens of IAM groups, 100+ users, hundreds of instances... How can you keep up with all the rapid growth, make sure that all the resources are compliant, monitor your infrastructure for unusual behaviour and maintain sanity?
During this talk I will share my experience of keeping an AWS infrastructure with more than 50 accounts, 600 instances, hundreds of buckets and IAM resources secure. You will hear how to make use of certain AWS security services across your whole organisation, even though the services don’t have cross-account or cross-region support.
Specifically, the services include:
GuardDuty, AWS Inspector, WAF, Config, IAM and others
About Vladyslav Cherednychenko (Information Security Engineer):
I have been working as a security engineer at AboutYou for 1.5 years and most of this time I spent securing our AWS infrastructure that serves millions of customers all over Europe.
GraphQL API - an introduction by Nils Hartmann (freelance software developer, trainer and coach)
GraphQL is a language for querying data, often referred to as an alternative to REST, which enable clients to choose themselves the data they want to read from a server depending on their needs/use-cases. GraphQL is standardized within the GraphQL Foundation (having members including Atlassian, GitHub and AWS) and is available for a wide range of programming languages and libraries, both for backend and frontend.
In this talk I will give you an overview over the basic ideas and concepts of GraphQL. The talk will be almost programming language agnostic, I only will show a few simple code examples (Java) that should be understandable even without Java knowledge.
About Nils Hartmann: