Compliance is necessary and a good thing. However, many compliant companies are still getting breached. In this talk, we discuss the importance of using a risk model to figure out the biggest threat to your business and mitigation and monitoring tactics to guard against these high-risk threats. We also dive into a real-world example of achieving Payment Card Industry Data Security Standard (PCI-DSS) compliance in under a year; we share architecture and design patterns; and we discuss what worked and what didn't. Leave this session knowing what the top cloud attack vectors are and how to protect yourself by using AWS services to build a fully automated, highly flexible and secure environment.
This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.