Training: 8–9 November 2016
Tutorials & Conference: 9–11 November 2016
Amsterdam, NL

From dev to production: Security best practices on managing Amazon Web Services (AWS) environments

Dan Amiga (Fireglass), Dor Knafo (Fireglass)
11:20–12:00 Friday, 11 November, 2016
Tech, tools, and processes
Location: G103 Level: Intermediate
Average rating: *****
(5.00, 3 ratings)

Prerequisite knowledge

  • Familiarity with cloud computing concepts, application architecture (load balancers, firewalls, and application tiers), and identity management basics

What you'll learn

  • Understand the major AWS security components
  • Learn best practices on how to architect cloud usage in the organization (from scratch or by adapting an existing deployment) across different functional teams for better compliance, processes, and security


Your engineering team is using AWS for deploying applications, storing data, hybrid networking, and many other services, but what does it mean for IT security? Dan Amiga and Dor Knafoa offer a technical, hands-on overview of how engineering is using AWS and outline the missing security pieces that should be put in place. Dan and Dor start with a quick overview of what applications in the cloud look like and the different roles in putting that application in production before discussing the main issues, gotchas, and caveats when working with AWS in a straightforward, “just provision” mode. They conclude with a detailed resource demo where they provision compute and data resources and explain important settings that should be configured in AWS to help security teams.

Photo of Dan Amiga

Dan Amiga


Dan Amiga is the cofounder and CTO of FireGlass, a cybersecurity startup that commercializes military-grade network security concepts into paradigm shifting enterprise security products. Dan has spent years doing IT security in the IDF Intelligence, where he was focused on inventing and developing new security solutions that go far beyond firewalls, proxies, or heuristic-based antimalware solutions. After moving to the private sector, Amiga has worked for the Microsoft Technology Center as a senior consultant for highly secure organizations, governments, and critical infrastructure companies. He then moved to the energy giant Schneider Electric, where he held the position of chief software architect. Dan has given talks at major international security and software conferences and is an adjunct professor at the Interdisciplinary Center, Israel, where he teaches advanced cloud computing topics.

Photo of Dor Knafo

Dor Knafo


Dor Knafo leads security research at FireGlass, where he is responsible for all malware, web attacks, and reverse engineering research. Prior to FireGlass, Dor spent five years in the IDF Intelligence as a security and research engineer.