Archive · · 9 min read

Stephen Schmidt's Security Leadership Session at AWS re:Invent 2021

The leadership session at AWS re:Invent provide a deeper dive into a specific area of focus. Stephen Schmidt, CISO at AWS takes the stage to talk all things security.

Stephen Schmidt's Security Leadership Session at AWS re:Invent 2021

The leadership session at AWS re:Invent provide a deeper dive into a specific area of focus. Stephen Schmidt, CISO at AWS takes the stage to talk all things security.

I missed the first 10 minutes of the session and will update this post when I watch it on demand.

The First 10 Minutes

THe session is now available on demand so I was able to watch the first ten minutes. Here are my takeaways as a list, instead of a tweet storm;

Live Tweets

This 👇 is the Twitter thread of my coverage of the keynote…

Tweet 1/44 👇 Next tweet

...ahhh, jumping in late to this one #reinvent

Tweet 2/44 👇 Next tweet 👆 Start

Sarah from @AWSIdentity up now… #reinvent

Tweet 3/44 👇 Next tweet 👆 Start

“MFA is the best way to secure your work as you build”, Sarah from @AWSIdentity with a Yubikey on her earrings! 👇 her plates… #reinvent

Tweet 4/44 👇 Next tweet 👆 Start

ok, now I want a Yubikey on my earrings too. Sarah recommended this one, the 5c nano: #reinvent

Tweet 5/44 👇 Next tweet 👆 Start

“All workloads on @awscloud should be multi-account, that’s how we’ve designed @AWSIdentity” #reinvent #security

Tweet 6/44 👇 Next tweet 👆 Start

“If you are a human, you should be logging into @awscloud through SSO”, Sarah from @AWSIdentity #reinvent #security

Tweet 7/44 👇 Next tweet 👆 Start


Tweet 8/44 👇 Next tweet 👆 Start

more on @AWSIdentity SSO at #reinvent #security

Tweet 9/44 👇 Next tweet 👆 Start

the “data perimeter” idea is all about protecting your solutions from all angles #reinvent

Tweet 10/44 👇 Next tweet 👆 Start

Sarah covering some @AWSIdentity recent releases. top of the list: IAM Access Analyzer more at #reinvent #security

Tweet 11/44 👇 Next tweet 👆 Start

…there is also Network Access Analyzer more on that new release at #reinvent #securtiy

Tweet 12/44 👇 Next tweet 👆 Start

another one in the list, Access Analyzer policy validation more on that at #reinvent #security

Tweet 13/44 👇 Next tweet 👆 Start

Sarah also calls out the IAM Access Analyzer policy generation feature released by @AWSIdentity a little while back more at #reinvent #security

Tweet 14/44 👇 Next tweet 👆 Start

👆 great list. everyone should be using these tools regularly #reinvent #security

Tweet 15/44 👇 Next tweet 👆 Start

. @StephenSchmidt back up to switch gears…updates! #reinvent #security

Tweet 16/44 👇 Next tweet 👆 Start

162 checks now in @awscloud Security Hub! + VPC endpoint support ( #reinvent

Tweet 17/44 👇 Next tweet 👆 Start

Amazon Detective got support S3 and DNS finding types more at #reinvent #security

Tweet 18/44 👇 Next tweet 👆 Start

. @awscloud Shield automatically does application layer DDoS mitigation more: #reinvent #security

Tweet 19/44 👇 Next tweet 👆 Start

Amazon Inspector got a big update. I covered that at lots of great stuff in this complete revamp #reinvent #security

Tweet 20/44 👇 Next tweet 👆 Start

there is a dedicated session on site for Amazon Inspector. will be on demand in a few days #reinvent #security

Tweet 21/44 👇 Next tweet 👆 Start

simple win: update the alternative security contact for your accounts. you can do this via Orgs and the CLI now more on that at #reinvent #security

Tweet 22/44 👇 Next tweet 👆 Start

“Consider the Security Pillar of the AWS Well-Architected Framework” << …and the rest of the framework! there’s a ton of amazing stuff in there that contributes to security more #reinvent #security

Tweet 23/44 👇 Next tweet 👆 Start

Thomas Avant coming up now to talk about security culture at @awscloud #reinvent #security

Tweet 24/44 👇 Next tweet 👆 Start

here’s another great talk about @awscloud #security culture from re:Inforce 2021: be sure to bookmark this one 👇 and watch it later #reinvent

Tweet 25/44 👇 Next tweet 👆 Start

they regularly remind employees about the importance of #security to the work their doing #reinvent

Tweet 26/44 👇 Next tweet 👆 Start

🔑 @awscloud is always looking for ways to empower everyone to be a part of the #security team #reinvent #infosec

Tweet 27/44 👇 Next tweet 👆 Start

@StephenSchmidt himself gets page if it comes to that…it’s not fun, I’ve seen it”, Thomas Avant #reinvent #infosec

Tweet 28/44 👇 Next tweet 👆 Start

“We’ve got all the runbooks you would expect @awscloud but we’re also heavily reliant on employees making the best decisions possible” #reinvent #infosec

Tweet 29/44 👇 Next tweet 👆 Start

👆 that only works because they’ve built up that #security culture. it’s hard work but well worth it #reinvent

Tweet 30/44 👇 Next tweet 👆 Start


Tweet 31/44 👇 Next tweet 👆 Start

I ❤️ how many times I’ve heard “builders” in this #security session #reinvent

Tweet 32/44 👇 Next tweet 👆 Start


Tweet 33/44 👇 Next tweet 👆 Start

. @StephenSchmidt back up to talk about what sets @awscloud apart from the #security angle #reinvent

Tweet 34/44 👇 Next tweet 👆 Start

first up: containers & code #reinvent #security

Tweet 35/44 👇 Next tweet 👆 Start

“Containing risk through isolation”, pun NOT pardoned @StephenSchmidt 🤣😉 #reinvent #infosec

Tweet 36/44 👇 Next tweet 👆 Start

more on Amazon CodeGuru at #reinvent #infosec

Tweet 37/44 👇 Next tweet 👆 Start

there’s now a nice integration with Amazon CodeGuru + @awscloud Secrets Manager. more on that at #reinvent #infosec

Tweet 38/44 👇 Next tweet 👆 Start

. @awscloud GuardDuty support for #k8s audit logs coming in early 2022! #reinvent

Tweet 39/44 👇 Next tweet 👆 Start

broader container support coming to other @AWSSecurityInfo services too. no firm ETA but it’s being worked on… #reinvent #infosec

Tweet 40/44 👇 Next tweet 👆 Start


Tweet 41/44 👇 Next tweet 👆 Start

I remember when these slides were just a couple of names. nice to see the expansion of the #security partner community around @awscloud #reinvent

Tweet 42/44 👇 Next tweet 👆 Start

. @awscloud re:Inforce 2022 dates announced! 28 & 29-Jun-2022 in Houston, TX #reinvent #infosec

Tweet 43/44 👇 Next tweet 👆 Start

closing quote from @StephenSchmidt. this was a great leadership session (as expected), can’t wait to catch the first 10m on replay #reinvent #security

Tweet 44/44 👇 Next tweet 👆 Start

. @StephenSchmidt even gets in the “Please complete the session survey” plug at the end! 🤣 /🧵 #reinvent #security

Read next