Trying to come up to speed on cloud security at AWS re:Invent 2022? Here’s my session guide for attendees of all levels.
CJ Moses, CISO of AWS, delivers a leadership session to highlight the state of security and what’s next.
Highlights from Dr. Werner Vogel’s keynote at AWS re:Invent 2022.
Highlights from Ruba Borno’s AWS Partner keynote at AWS re:Invent 2022.
Highlights from Swami Sivasubramanian’s data and machine learning AWS re:Invent 2022 keynote.
Highlights from AWS re:Invent 2022’s Monday Night Live with Petere DeSantis
Notable new features and functionality announced during day one at AWS re:Invent 2022.
Leading up to AWS re:Invent, these 5 great new features launched to help your cloud security practice.
The best conference in cloud is back for 2022. Here’s how to get the most out of the show!
The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource data points.
The AWS Well-Architected Tool allows users to create their own Custom Lenses. I have thoughts…
Optimism (an L2 Ethereum project) just paid out a two million dollar bug bounty.
Building a ticketing or registration system? AWS just released a solution to help queue demand.
Attackers can find your cloud misconfigurations with almost no effort, why can’t you?
Once you’ve aggregated all of your AWS Security Hub Findings, here’s one way to visualize and analyze them.
Once you’ve aggregated all of your AWS Security Hub Findings, here’s one way to visualize and analyze them.
Misconfigurations in Amazon S3 keep happening. Here’s why and how to stop them.
AWS Security Hub Findings are great, but they can be better. Here’s a simple pattern from the AWS team to enrich those findings automatically.
In late 2017, IDT did an AWS “This is My Architecture” video. The video talks about how they managed secret information in their AWS environment.
In late 2017, iRobot did an AWS “This is My Architecture” video. The video talks about how they deployed their microservices in AWS.
The leadership session at AWS re:Invent provide a deeper dive into a specific area of focus. Stephen Schmidt, CISO at AWS takes the stage to talk all things security.
AWS re:Invent is always THE event in cloud. Werner Voegls delivered the latest version of his hotly anticipated keynote on day four.
Amazon Inspector first launched in 2015. Now in 2021, it’s re-launching with a brand new architecture and a host of new features.
AWS re:Invent is always THE event in cloud. Petere DeSantis’ keynote provided a peek behind the curtain of the technology that drive AWS itself.
Corey Quinn interviews key AWS leaders in a casual settings. This time he sits down with Bill Vass, VP Technology & Engineering
AWS re:Invent is always THE event in cloud. Swami Sivasubramanian took the stage to deliver the machine learning focused keynote on day three.
Amazon Inspector first launched in 2015. Now in 2021, it’s re-launching with a brand new architecture and a host of new features.
AWS re:Invent is always THE event in cloud. Adam Selipsky gave his first keynote as the CEO of AWS. Here’s what he covered during this two hour session.
AWS re-launches a dramatically improved Amazon Inspector, a software vulnerability discovery/management service.
Here are the top AWS announcements leading up to and during AWS re:Invent 2021.
AWS re:Invent has over 500 sessions available remotely. Here’s a near complete list for easy searching.
AWS re:Invent is always THE event in cloud. This year a lot of people can’t attend in person. This post tells you how to get the most out of the virtual side of the event.
AWS re:Invent is always THE event in cloud. This post is the ultimate guide to getting the most out of the show.
An overview of the AWS Well-Architected Frameworks’ Performance Efficiency pillar.
An overview of the AWS Well-Architected Frameworks’ Reliability pillar.
An overview of the AWS Well-Architected Frameworks’ Cost Optimization pillar.
An overview of the AWS Well-Architected Frameworks’ Security pillar.
An overview of the AWS Well-Architected Frameworks’ Operational Excellence pillar.
In late 2017, Airbnb did an AWS “This is My Architecture” video. The video talks about how they built a system to test their Amazon RDS databases.
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. AWS Data Wrangler is a bridge between python pandas DataFrames and AWS data services.
AWS Labs has a lot of open source code up on GitHub. This repo provides an easy way for developers to view your Amazon API Gateway APIs.
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. The code in this repo lets your embed Amazon QuickSight dashboards in your HTML.
AWS Labs has a lot of open source code up on GitHub. This repo contains a solid set of AWS WAF rules for common web-based attacks.
AWS Labs has a lot of open source code up on GitHub. Gluon TS helps you create forecast models for time series data.
AWS re:Invent is always THE event in cloud. As 2021 draws to a close, what path will AWS set the cloud on. What new services, features, and tools will builders get to create with?
AWS Labs has a lot of open source code up on GitHub. This post looks at the AWS Lambda Powertools for Python.
In late 2017, Station X did an AWS “This is My Architecture” video. The video talks about how they built out a genomics processing pipeline on AWS.
AWS Labs has a lot of open source code up on GitHub. This post looks at the AWS Deployment Framework.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post looks at how Amazon balances system stability between control and data plane requests.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post looks at how Amazon conducts hands-off deployments.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the challenges in dealing with multi-tenant systems.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the challenges that the retry pattern presents.
In late 2017, Capital One did an AWS “This is My Architecture” video. The video talks about how they built Cloud Custodian and how that tool helps them enforce policies in the AWS Cloud.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the challenges in dealing with failure at scale.
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper walking public sector organizations through machine learning best practices
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper talking about serverless multi-tier architectures.
AWS has a huge library of fantastic resources. This post highlights the recently updated whitepaper aligning the NIST Cybersecurity Framework to AWS.
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper about building reactive systems on AWS.
In late 2017, New Relic did an AWS “This is My Architecture” video. The video talks about how they setup their Terraform execution plans in a modular fashion. This provided the team some much needed flexibility when managing builds.
AWS has a huge library of fantastic resources. This post highlights the recently updated whitepaper on building out a CI/CD practice in the AWS Cloud.
AWS re:Invent is always THE event in cloud. As 2021 draws to a close, what path will AWS set the cloud on. What new services, features, and tools will builders get to create with?
Are you a security professional or a builder looking to learn more about security? This year, I wrote the official guide for security attendees to AWS re:Invent. Here’s what’s in it and why.
In late 2017, CorpInfo did an AWS “This is My Architecture” video. The video walks through how they handled a massive amount of events coming from various IoT devices they had deployed. Remember, this was before any of the AWS IoT-specific services!
In late 2017, Civitas Learning did an AWS “This is My Architecture” video. It was one of the first. The video walks through how they handled processing personally identifiable information at scale using batch processing.
In late 2017, the Finanical Times wanted to get developers to factor in cost to their designs. They created a gamified solution to help drive this change…and it worked.
In late 2017, Netflix explained how they tackled the problem of failing over when disaster struck. Four years later, how well does that design hold up? What could we improve given the services and features available today?
In late 2016, Lyft demonstrated the service discovery engine they built on AWS. Five years later, how well does that design hold up? What could we improve given the services and features available today?
Misconfigurations are the number one security concern in the cloud. Guardrails can help you prevent misconfigurations from happening. This talk shows you the principles behind sustainable, useful guardrails.
As a new user in the AWS Cloud, is AWS App Runner the service that’ll get your one container up and running quickly? This post explores that question.
As a new user in the AWS Cloud, what does it take to get one container up and running? What service do you user? How many steps are there? This post explores that question.
The second installment of AWS re:Inforce was entirely virtual and gave a great view of the state of security in the AWS Cloud. Here’s what the event says security practices and how to set yours up for success.
AWS IAM has been going strong for 10 years! To celebrate the anniversay, this four part series by various AWS Heroes, highlights some key features of the service
The AWS Identity and Access Management (IAM) service turns 10 years old today. While it’s a fantastic service that keeps adding features, it really was the first step towards real cloud security.
Week three of three (!) for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. Check back often for reactions, news, and tips on how to get the most out of the week.
There’s always more than one way to solve a problem. That’s a big advantage of AWS, but it can also be overwhelming to deal with. You will make mistakes. That’s ok.
Week two of three for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. It will be neither “live” not probably completed this week. Check back often for reactions, news, and tips on how to get the most out of the week.
Amazon EventBridge helps build loosely coupled applications that scale independently and makes it easier to integrate cloud-based applications and services.
As you continually evolve your use of AWS products and services, it’s important to consider ways to improve your security posture and take advantage of new security services and features. This session shares architectural patterns for meeting common challenges, service quotas, and tips and tricks for continually evaluating your architecture against …
To operate services, Amazon relies on having high-fidelity visibility into how its systems behave and the user experience, whether that’s using AWS services or shopping on Amazon.com. In this session, learn about Amazon’s never-ending journey for the perfect granularity of monitoring. This session covers the full spectrum of monitoring at Amazon, …
Coverage of the keynote of AWS re:Invent 2020 where Andy Jassy delivers new services, features, and more.
Week one of three for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. Check back often for reactions, news, and tips on how to get the most out of the week.
AWS re:Invent is always jam packed with new content. This post is a road map for my content during this three week virtual event.
AWS launches a mountain of new features leading up to and during AWS re:Invent. Here’s the list of announcements for 2020 and my perspective on a lot of them that I think will help you build better.
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2020 edition of this amazing event.
AWS re:Invent is the best conference in cloud. This year it’s an entirely virtual experience spread over 3 weeks. This post will help you get the most of out the event. (Updates regularly)
The Well-Architected Framework is a set of principles that can help you find the ideal build for the problem at hand…regardless of the size of that problem. This post walks you through the application of the framework to a small problem but delivers big returns.
AWS re:Invent is the biggest and most exciting conference in cloud. Follow AWS Community Hero @marknca for all of the latest leading up to and during the show!
Organizations struggle with extending their security practices to the cloud. Traditional approaches don’t work, and new cloud-only practices duplicate work for an already overtaxed team. The goal of cybersecurity is simple: to ensure that what you build works as intended and only as intended. This session teaches you how the AWS Cloud Adoption …
AWS has recently explored with great machine learning services. From the core building blocks to services design to teach you techniques to simple transactional services that just get the job done. This stream looks provides an overview of these services and when you might want to use them.
AWS offers a number of services it labels as “compute”. What are they? How do you pick one that makes sense for your workload? How are they different from each other? This live stream tackles these questions as we take a look at computation in the AWS Cloud.
Amazon DynamoDB is an exciting database services. It’s a cloud-native, NoSQL offering that is lightning quick and scales seamlessly. However, if you treat it like a traditional RDBMS, you’re not going to see any of those benefits. In this live stream, I explore some mistakes I’ve made and how to fix them by moving to a …
AWS offers a wide range of databases but making sense of these services can be tricky. In this live stream, we explore these data services and why you pick one over another.
Mistakes happen. Even after taking steps to restrict permissions and setup systems, builders will make misconfigurations and mistakes. This stream presents two different approaches to catch those mistakes before they come back to haunt you.
AWS re:Invent is absolutely massive. The only way to keep things somewhat organized is to use a reserved seating system for sessions. That system opened today and I live streamed the ins and outs of booking seats for various events.
Serverless is hot right now, but are we all talking about the same thing? In this live stream, we dive into what serverless is, why it’s a big win for your business, and how to get started.
Security is often misunderstood and addressed in the last stages of a build. Operationally, it’s ignored until there is an emergency. In this talk, we review several advanced security processes and discuss how too easily automate them using common tools in the AWS Cloud.
This approach helps you and your team increase the security of your build …
Amazon Athena lets you treat files in Amazon S3 like they were a database. That doesn’t sound too cool until you realize the possibilities: data stays in place, storage is low cost, data management gets easier. Now add in Amazon Quicksight. This service allows you to quick and easily visualize that data and share your insights. This one-two …
Amazon S3 was one of the first AWS services and it continues to be the cornerstone of the AWS Cloud today. This stream covers the basics of the service and how to ensure that your data is only accessed in the ways that you expect.
The Shared Responsibility Model governs how operations (which security is a part of) work in the cloud. In this live stream, we explore the realities of the model and how to verify AWS is fulfilling their responsibilities.
Don’t be afraid of the command line (CLI), it’s insanely useful. This live stream explores those uses and shows you how to use the AWS CLI to accomplish some simple but helpful tasks in the AWS Cloud.
AWS Lambda is probably the most talked about service in the entire AWS Cloud. It lets you run your code based on various triggers with almost no overhead. In this live stream, we look at AWS Lambda basics and even complete a small project connecting code to events in S3.
AWS re:Invent 2019 is going to be HUGE. Mark will be conducting a series of live streams and publishing a ton of content leading up to the show in early December. In this stream, we get the series started off with some questions to you and an overview of what to expect.
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2019 edition of this amazing event.
Serverless architectures are a fantastic solution to a lot—not all—design challenge. The benefits they bring are substantial and they can reduce the overall ops and development burden for a lot of teams. But when we’re talking about serverless, are we all talking about the same thing?
A recent survey from RightScale showed a lot of confusion around cloud computing costs. The common take away? Organizations are surprised at how high their cloud bills are. Similarly, the community was surprised at the size of Lyft’s commitment to AWS (around 8 million per month).
But the root of this problem isn’t what you think.
After a jam packed AWS re:Invent 2018, I’ve been thinking about how to deliver information to an audience. One of the challenges is delivering that information with enough context that it makes sense to that audience.
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2018 edition of this amazing event.
All the news and notes from the 2018 AWS Summit in San Francisco
AWS Lambda is a fantastic way to connect various distinct pieces in the cloud. Python is an easily accessible language that makes that work simple. But pulling in 3rd party code can be tricky. This post explains how to package 3rd party modules so you can use them in AWS Lambda.
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of your first time at this amazing show.
AWS re:Invent is the best conference in cloud. This post gives you the top five things to focus on to get the most out of the 2016 edition.
AWS re:Invent is the best conference in cloud. This post gives you the top five things to focus on to get the most out of the 2015 edition.
The shared responsibility model defines how the cloud works. This post examines how Shellshock impacts that model.
Recent vulnerability “POODLE” demonstrates how the shared responsibility model helps reduce your security workload.
The shared responsibility model is simple to explain but challenging to implement. This post examines how the models works for the latest Xen hypervisor bug.
AWS continues to expand it’s global network with the opening of a new region in Frankfurt, Germany.
As AWS opened their summit series for 2014, 5000+ people packed into the Moscone Center. There was a ton of energy in the air and I got to talk about updating security operations for the cloud.