commonplace
  • Commonplace
  • AWS
    • Control Tower
      • Building a Scalable and Secure Multi-VPC AWS Network Infrastructure
    • Talks / Articles
      • Encrypting Everything with AWS (SEP402)
      • The Tension Between Absolutes & Ambiguity in Security (SEC310)
      • Best practices for authoring AWS CloudFormation (DOP302-R1)
    • Useful Links
    • Notes
      • awscli
      • Cloudformation
        • Using Parameters
  • Infrastructure Security
    • Amazon Web Services
      • Tools
    • Tools
  • Security
    • Articles
      • If You're Not Doing Continuous Asset Management You're Not Doing Security | Daniel Miessler
      • Living Off the Land
        • Living Off The Land: Part 2
    • Cryptography
      • Shamir Secret Sharing Algorithm
    • Distros
      • REMnux
    • DoD
    • Email
    • GPG
    • Shodan
    • SSH
  • Resources
    • AWS Toolbox
    • CTF
      • AWS
    • Dev Setup
      • Windows Terminal
    • Documentation
      • MOCK Press Release Template
      • Design Document Template
    • Docker
      • Notes
      • Configure Docker w/TLS for WSL
    • Kubernetes
      • Raspberry Pi 4 (4GB) Cluster
    • Linux
      • zsh config
      • Users and Groups
    • Python
      • AWS
        • Lambda
      • Random Strings
    • Security News
    • Tools
    • Unity SSDLC
    • vscode
      • Cloudformation
    • Windows
      • WSL2
        • Scratchpad
        • Install a GUI (xfce)
        • Creating Additional WSL2 Instances
    • Youtubers
      • youtube-dl snippets
  • Lab
    • Building a Better Workstation
      • Notes / Guide
  • Misc
    • Notes
      • youtube-dl
  • Recipes
Powered by GitBook
On this page

Was this helpful?

  1. AWS
  2. Talks / Articles

The Tension Between Absolutes & Ambiguity in Security (SEC310)

PreviousEncrypting Everything with AWS (SEP402)NextBest practices for authoring AWS CloudFormation (DOP302-R1)

Last updated 5 years ago

Was this helpful?

Security is an optimization problem. A security team's goal is to enable the delivery of maximum business value at minimum risk and at minimum cost. Over investment in security is inefficient and slows the business down. Under investment in security can lead to expensive breaches and slows the business down. Striking the right balance requires careful risk management decisions and judgement calls. There are rarely absolutes when dealing with security, yet we've found a few situations where it's useful to apply absolutes to a field filled with shades of grey. Join this session to learn what they are. Complete Title: AWS re:Invent 2018: 0x32 Shades of #7f7f7f: The Tension Between Absolutes & Ambiguity in Security (SEC310)