22-08 Security Design Principles
# Implement a strong identity foundation
Implement the Principle of Least Privilege (PoLP). Use Centralized identity. Avoid Long-lived credentials
# Enable traceability
Monitor alert and audit actions and changes to your environment in real-time Integrate log and metric collection and automate investigation and remediation
# Apply security at all layers
Take Defense-in-depth approach with multiple security controls for everything eg. Edge Network, VPC, Load Balancing Instances, OS, Application Code
# Automate security best practices
# Protect data in transit and at rest
# Keep people away from data
# Prepare for security events
Incident management systems and investigation policy and processes. Tools to detect, investigate and recover from incidences