Accelerating innovation at AWS Security

At re:Invent or attending remotely? Check out my “Ultimate Guide to AWS re:Invent 2022” post for some tips and tricks to get the most out of the show.

The security leadership session at AWS re:Invent 2022 was called, “What we can learn from customers: Accelerating innovation at AWS Security”. CJ Moses, CISO of AWS, used this session to explain what AWS is doing to help everyone with security, to highlight some key releases in 2022, and what we can expect in 2023 when it comes to security.

CJ definitely put his own stamp on the leadership sessions. More in this Twitter thread 👇.

Twitter Thread 🧡

Tweet 1/57

the @awscloud #security leadership session featuring @mosescj58 is starting now…

What we can learn from customers: Accelerating innovation at AWS Security

#reinvent

Tweet 2/57

@mosescj58 up now, rocking some killer kicks 👟

#reinvent

Tweet 3/57

@mosescj58 celebrating 15 years with @awscloud 🥳🥳🥳

congrats CJ!

#reinvent

Tweet 4/57

“Everyday I get to learn about the problems we can solve for customers, and how we can do that”, @mosescj58

#reinvent

Tweet 5/57

@mosescj58 drawing the parallels between his sport—racing—and #security
  • both driven by data
  • safety is a key factor for success

#reinvent

Tweet 6/57

good Bezos quote, “Customers are always wonderfully, beautifully unsatisfied.”

#reinvent

Tweet 7/57

more than 90% of all the things @awscloud creates is directly from customers…the other 10% was built on behalf of those customers 😉

#reinvent

Tweet 8/57

@mosescj58 sharing some of his previous roles in law enforcement and the parallels in his role with @AWSSecurityInfo today

both looking for one tiny indicator amid a torrent of data

#reinvent

Tweet 9/57

@awscloud has the scale to enable security

pre-AWS @mosescj58 was working with @jeffbarr back in 2007. those conversations kicked off a ton of security work

…which brought CJ to AWS

#reinvent

Tweet 10/57

1st challenge: isolate workloads in a data center

…wow, think about that vs. what we heard in Peter DeSantis’ keynote on Monday about @awscloud Lambda function isolation

#reinvent

Tweet 11/57

@mosescj58 reminiscing about the scrappy startup days of @AWSSecurityInfo

bean bag chairs => hand me down cube from AOL (!) in a dingy corner…working together as a small team cracking on a deeply interesting & challenging problem

#reinvent

Tweet 12/57

experiments lead to virtualizing the network layer. that was what provided the isolation needed

#reinvent

Tweet 13/57

that 👆 was the start of @awscloud VPC

#reinvent

Tweet 14/57

“We’ve grown a tiny bit”, @mosescj58 aims for understatement of the show

#reinvent

Tweet 15/57

by, the main “home” for @AWSSecurityInfo is https://aws.amazon.com/security/

…though there’s a ton of info everywhere in the service docs/whitepapers/etc.

#reinvent

Tweet 16/57

events seen on the @awscloud global network….

…that’s a lot of zeros

#reinvent

Tweet 17/57

that’s a new visual for the shared responsibility model. I think that’s much clearer than the older one w/way too many layers shown

#reinvent

Tweet 18/57

great reference on the shared responsibility model: https://aws.amazon.com/compliance/shared-responsibility-model/

#reinvent

Tweet 19/57

“If you have access or control, you have responsibility”, @mosescj58 << great summary and ‘cheatsheet’ for the @awscloud shared responsibility model

#reinvent

Tweet 20/57

getting a bit of a peek behind the @AWSSecurityInfo curtain here from @mosescj58

#reinvent

Tweet 21/57

more on @awscloud Shield at https://aws.amazon.com/shield/

…AWS WAF at https://aws.amazon.com/waf/

#reinvent

Tweet 22/57

@AWSSecurityInfo saw more than 224M malware samples in six months!

#reinvent

Tweet 23/57

all of the data that @AWSSecurityInfo gathers from their perspective informs new @awscloud services and features

that’s why we’re seeing so many new feature advances in things like Amazon Macie and Amazon GuardDuty

#reinvent

Tweet 24/57

more on @awscloud Macie at https://aws.amazon.com/macie/

…Amazon GuardDuty at https://aws.amazon.com/guardduty/

#reinvent

Tweet 25/57

exposed credentials are a continuing challenge. IAM helps reduce the blast radius (good ol’ principle of least privilege) and @awscloud Security Hub helps shine a light on those issues

#reinvent

Tweet 26/57

@mosescj58 calls out—again, and will do again & again—how valuable MFA or multi-factor authentication is

more details at https://aws.amazon.com/iam/features/mfa/

remember if you’re onsite, you can pick up a hardware MFA key…and you can always use an MFA app

#reinvent

Tweet 27/57

details on getting an MFA key onsite 👇

https://twitter.com/AWSSecurityInfo/status/1597263326589120514

#reinvent

Tweet 28/57

get an MFA key online (with some restrictions) at https://aws.amazon.com/security/amazon-security-initiatives/free-mfa-security-key/

#reinvent

Tweet 29/57

@mosescj58 moving into six 🔑 learnings for @AWSSecurityInfo:
  1. educate everyone about #security
  2. build a security-first culture
  3. hire & develop the best

#reinvent



Tweet 30/57

...continuing the six 🔑 learnings...
  4. shift left & automate
  5. invest in a dynamic workforce
  6. make security the department of “yes, and…”

#reinvent



Tweet 31/57

btw, @mosescj58’s voice is toast 🍞, but he’s powering through like a champ

hang in there CJ!

#reinvent

Tweet 32/57

moving on to predictions for 2023 now...

#reinvent

Tweet 33/57

increasing threats continue to drive the shift to the cloud

…this is a data problem. @awscloud Security Lake is designed to help remove barriers in analyzing that data and drawing insights from it

#reinvent

Tweet 34/57

more on @awscloud Security Lake in this blog post by @channyun…but you already knew that 😉

https://aws.amazon.com/blogs/aws/preview-amazon-security-lake-a-purpose-built-customer-owned-data-lake-service/

#reinvent

Tweet 35/57

next prediction: we need more #security professionals. broaden your search net. we need more diversity and neurodiversity in our community

more perspectives only make things better

#reinvent

Tweet 36/57

next prediction: automate everything

why? there’s just too much data that needs protecting…and too much security data that needs to be processed. the only way is automation

#reinvent


Tweet 37/57

the new automated data discovery from Amazon Macie aims to help with this

session SEC209, “Continuous innovation in AWS threat detection & monitoring services” covers this in more depth (on the @AWSEvents YouTube channel soon)

#reinvent

Tweet 38/57

the blog post on Macie is up at https://aws.amazon.com/blogs/aws/automated-data-discovery-for-amazon-macie/

#reinvent

Tweet 39/57

another feature that helps here is external key store (XKS) for @awscloud KMS (key management system)

blog post on that is available at https://aws.amazon.com/blogs/aws/announcing-aws-kms-external-key-store-xks/

#reinvent

Tweet 40/57

s/service/system/👆

#reinvent

Tweet 41/57

more on @awscloud KMS at https://aws.amazon.com/kms/

#reinvent

Tweet 42/57

Tweet 43/57

another @AWSSecurityInfo IAM feature: multiple MFA devices for root users and IAM users

blog at https://aws.amazon.com/blogs/security/you-can-now-assign-multiple-mfa-devices-in-iam/

#reinvent

Tweet 44/57

btw, Verified Permissions is part of the broader “provable security” initiative from @AWSSecurityInfo

tons of great features/services have come from this push

program page is up at https://aws.amazon.com/security/provable-security/

#reinvent

Tweet 45/57

@mosescj58 diving into some post-quantum cryptography details. lots of work going on here in the community

blog post: https://aws.amazon.com/about-aws/whats-new/2022/03/aws-kms-acm-support-latest-hybrid-post-quantum-tls-ciphers/

#reinvent

Tweet 46/57

@mosescj58 takes a quick pause as we get a video to intro @united

#reinvent

Tweet 47/57

now to a fireside chat between @mosescj58 and @deneendefiore, CISO @united

#reinvent

Tweet 48/57

@deneendefiore is speaking to the resiliency challenges with technology. every traveller interaction @united crosses a lot of different systems, #security and resiliency are critical at each stage

#reinvent

Tweet 49/57

on automation, @deneendefiore talks about leveraging @AWSSecurityInfo services and automating their own systems to ensure that builders @united are starting from strong, secure-by-default positions

#reinvent

Tweet 50/57

@deneendefiore @AWSSecurityInfo @united on culture: @deneendefiore points out that aviation is already a safety aware culture. it’s an “easy” bridge to #security …when compared to other verticals

that common understanding makes collaboration a lot easier

if you don’t have it, you can build that culture

#reinvent

Tweet 51/57

another great call out that everyone can use: find the cultural points in your organization that are already there. use those as #security entry points

@deneendefiore & @united use regular safety briefings that are already in place

β€οΈπŸ‘†

#reinvent

Tweet 52/57

@deneendefiore @united @mosescj58 calls out @awscloud's approach with #security learning/education

check out and use their solution at https://t.co/TNoUHSzX8i

#reinvent

Tweet 53/57

@deneendefiore @united @mosescj58 @awscloud @deneendefiore's focus for 2023:
  • be brilliant at the basics
  • advance capabilities as your environment changes (tech/biz/regulatory/etc.)
  • enable the business!

#reinvent

Tweet 54/57

@deneendefiore @united @mosescj58 @awscloud on to the challenges around recruiting, developing, and maintaining #security talent...

#reinvent

Tweet 55/57

@deneendefiore is a great example of a lot of #security career paths...from anywhere. there's no one path to get into security

if you’re hiring, understand that. yes, it’s more work, but so, so worth it

#reinvent

Tweet 56/57

@deneendefiore key point from @mosescj58: you can hire a diverse set of ppl, but if you don't have a culture of inclusion...they aren't going to stay or succeed!

#reinvent

Tweet 57/57

@deneendefiore @mosescj58 ...and that's a wrap from the #security leadership session by @mosescj58 at #reinvent 2022!

hopefully, he’s now off to get some tea 🍡 for his voice
