[[_TOC_]]

* * *

Workshops Overview
==================

Security workshops are designed to introduce and educate on available services, features, and architectural patterns to facilitate decision making across core security epics and to empower technical teams to operate AWS environment in a secure and efficient manner.

Workshops Matrix
================

| Session | Audience | Time | Session Description | Artifact/Activity Links |
| --- | --- | --- | --- | --- |
| SRC - Overview of AWS Security | ALL | 90 min | Review of AWS global infrastructure, shared responsibility model and security assurance programs to learn how AWS approaches security when protecting the cloud and to understand customer responsibility in the cloud. | Security Workshops |
|   SRC - Overview of Virtual Private Cloud   | WS |   90 min   | (Covered in LZ Workstream) Review of AWS Virtual Private Cloud and networking concepts including DNS, HA, connectivity and security features to understand how networking is implemented in AWS. |    Landing Zone VPC and Subnet Design   |
| SRC - AWS Network Security Design | WS | 90 min | Deep dive on AWS VPC security features and network/application security controls to understand how to operate reliably and securely on AWS. | Infrastructure Security Strategy |
| SRC - Deep Dive on Identity & Access | WS | 120 min | Review of AWS IAM service and federation options to understand how access authentication and authorization can be securely managed across multiple AWS accounts. | Identity and Access Management Strategy |
| SRC - Logging and Alerting Design | WS | 90 min | Review of log sources, processing methods, and best practices to understand how to extract and correlate logs from multiple data sources and build an environment for an efficient incident response. | Logging and Monitoring Strategy |
| SRC - Encryption and Data Protection | WS | 90 min | Review of encryption at rest/in transit and key management options to understand customer responsibility for the data in AWS and how to protect it. | Data Protection Strategy |
| SRC - Security Automation | WS | 90 min | Review of automated tools and mechanisms for monitoring the security of AWS environment and for remediating security compliance deviations. | Security Workshops |
| SRC - Secure by Design | WS | 90 min | Review of security by design principals and methodologies. | Security Workshops |
| SRC - Incident Response | WS | 90 min | Review of security incidents indicators and available detective controls, sources of information for security incidents investigation, incident response walkthrough for common security incidents to build knowledge and expertise in incident management on AWS cloud | Incident Response Strategy |
| SRC - Security JAM | WS | 240 min | Experience a wide range of AWS services in a series of prepared scenarios (no more than 14) that represent common use-cases and operational tasks, such as remediation at scale, automation, forensics, incident response, compliance and many others. | Security Workshops |

 **Attachments:**