AWS re:Invent Security Attendee Guide 2021

6 minute read | Last updated 1-Nov-2021 | An icon depicting a retail tag with a heart for 'favourite' AWS, Cloud, AWS re:Invent

The biggest challenge with AWS re:Invent is the shear volume of content. It’s really hard to figure out where you should focus and which sessions would be the best fit for you.

A few years back, some of the AWS Heroes (myself included) started writing interest specific guides that AWS would then publish. This year, we’re back at it again.

If you’re a security professional or a builder looking to learn more about security, this guide is for you!

The guide is available from the event site as a PDF if you want to save a local copy.

Intro

I’m Mark. A long-time builder in the cloud with a focus on security and privacy.

Every year, AWS re:Invent is chock full of amazing sessions and events that help us learn and connect with the community.

I’ve created this guide to call out some great sessions that will help you become a more well-rounded security professional.

You’ll find a lot of sessions that you might not think are related to security. Trust me, they are!

Modern security requires an integrated approach. It’s a core part of everything we build in the cloud.

This guide is designed to help round out your perspective and learn about the great features and functionality available to you in the AWS Cloud.

| – Mark Nunnikhoven (@marknca), Distinguished Cloud Strategist at Lacework

Breakout Sessions

Security isn’t an isolated activity. It’s a fundamental part of everything we do in the AWS Cloud.

That’s why it’s one of the five pillars of the AWS Well-Architected Framework.

This selection of sessions will provide you a well-rounded view of building and security in the cloud so you can make sure you and your team meet your security goals.

DOP208, DevOps Revolution

Security doesn’t happen in a vacuum. In order to make informed decisions about risk and security controls, you have to understand how solutions are built and operated.

This session will provide an overview of the latest approaches teams are taking to deliver in the AWS Cloud. Understanding these techniques and what’s next is critical to building a strong security posture.

ARC203, Prepare your teams for operations-driven development

Operations and security are tied at the hip. The data sets they are looking at and the workflows they use are closely related.

This session examines how you can use various services and features from AWS to monitor and improve your designs. These techniques are essentially to building a culture of continuous improvement.

COP201, Gain enterprise visibility with AWS Cloud operation dashboards

Tied to ARC203, this session shows how you can leverage the visibility created by a strong operations practice to improve visibility.

This session focuses on real-world applications of the core principles and includes a customer case study to help you better understand the impact building this type of tooling will have on your teams.

Visibility is a recurring theme throughout this guide as a simple truth always holds true: you can’t help improve the security of things you don’t know about.

COP206, Observability the open-source way

Creating a system for observability and to gather telemetry is key to gaining visibility about the security and operational health of your solutions.

AWS offers managed versions of several popular open-source tools to streamline this aspect of your practice.

This session explores those offers and how you can use them to gain observability and take advantage of its benefits, without adding more systems that require operational effort.

COP301, Cloud compliance, assurance, and auditing

Compliance is often ignored until the last minute. In reality, compliance plays an important role in trust.

And like the rest of security, when you build with compliance it mind, it becomes a lot easier to meet your goals.

This session explores how compliance requirements can be met in the cloud and how you can build a continuous compliance output as part of your everyday builds.

DOP301, How to reuse patterns when developing infrastructure as code

Infrastructure as Code (IaC) is an incredibly useful tool for repeatable builds. Understanding how the AWS CDK and AWS CloudFormation can help your teams not only use IaC but also Security as Code (SaC) is always a smart move.

DOP310, Enabling decentralized development teams with a shared services platform

The balance between centralized services and distributed teams is a tricky one. This session will help you plan “the crawl, walk, and run options” for smart, centralized services.

COP312, Governance and security for organizations of any size

AWS provides some very powerful tools to help you organize all of your teams accounts. This session will help you better understand how these tools fit to together and how they can help you stay on top of your AWS environment.

DOP303, Assessing your application resiliency using chaos engineering

Stuff happens. It’s best to understand how your builds and your teams will react when that happens before it hits the fan. This session will help you understand how chaos engineering can help you team improve the reliability and resiliency of your builds.

BOA306, Twelve-Factor apps on containers, running everywhere

Containers solve a very real problem for builders: ensuring that what you’ve built will run reliably anywhere. This session will teach you how to build and secure container-based applications that balance security, scalability, and developer experience.

DOP313, Best practices for securing your software delivery lifecycle

Delivery new builds quickly and reliability is a critical aspect of practicing a DevOps philosophy. That workflow also presents some unique security challenges. This session will help you understand that you don’t need to compromise speed for security.

Leadership Sessions

All of the leadership sessions provide great insights into the state of any practice within the AWS Cloud.

These two are of particular interest to security minded builders. The first for obvious reasons, the second—containers—because we are seeing fantastic adoption of this technology that will only accelerate in the year to come.

LEADERSHIP, Security, Identity & Compliance

Every year Stephen Schmidt delivers a fantastic leadership session that highlights what’s changed in the past year and introduces new functionality that’s coming.

More importantly, this session always highlights the state of security within the AWS community. What issues are teams focusing on? What challenges are organizations facing?

This is always a don’t miss session.

| – Stephen Schmidt, VP and CISO

LEADERSHIP, Containers

Most organizations are seeing an explosion of containers within their environment…and why not? It’s a convenient way for developers to build and for operations to manage your environments.

This leadership session will help you understand what advancements have been made in the last year and what we can expect for the year to come.

| – Deepak Singh, VP Compute Services

Other Recommendations

AWS re:Invent is always a fantastic event. There are any number of activities throughout the week to enjoy. From re:Play to the game nights, you’re sure to find something you like. Here are my suggestions.

Extra Sessions

Session BOA201 is, “15 years of AWS with Jeff Barr”. This will cover where things started, key moments, and a demo from Jeff of AWS as it was in 2007!
Workshop DPR201 is focused on helping you get up and running with AWS DeepRacer. Racing robot cars is a so much fun and a great way to connect with other builders.

Play

Keep an eye on the Play section of the AWS re:Invent website, specifically the Quirky session. There are a ton of great events where you can meet builders and socialize after a long day of learning. Make sure to catch the sneak peek of your favourite upcoming Amazon TV shows!