At re:Invent or attending remotely? Check out my “Ultimate Guide to AWS re:Invent 2022” post for some tips and tricks to get the most out of the show.
For the past few years, I’ve had the opportunity to write the “official” guide for attendees of AWS re:Invent that are interested in security. For AWS re:Inforce—the security-focused conference—I get to be a bit more specific.
Each time I create one of the guides for re:Invent, my goal is the same: help everyone understand the foundations of cloud security. Regardless of where you are on your cloud journey, there is a ton of value in strong fundamentals.
…and the fundamental truth of cloud security is that it isn’t an isolated discipline. You need to understand how builders are solving problems in the cloud, what AWS has done to deploy strong services, and what options are available to help with your security practice.
Here is the security topic guide for AWS re:Invent 2022 with links to all of the recommended sessions. You can also watch the sessions back-to-back using this handy YouTube playlist.
Introduction
Security is often misunderstood.
That’s understandable given how it’s usually presented. Let’s fix that.
Simply put, security is one of the main areas of focus when building in the AWS Cloud. It works with the other pillars—Operational Excellence, Performance Efficiency, Cost Optimization, Reliability, and Sustainability—to help you deliver robust, resilient solutions.
I’ve built this guide with that approach in mind. These sessions will help security professionals take a cloud-native approach. They will also help builders of all experience levels understand how security fits into the bigger picture.
There’s a ton of great content this year and these sessions are a great starting point for your security journey and a good reminder of the foundations for those of us further down the path.
Recommended Sessions
ARC210, The well-architected way
Quality service delivery is fundamental to a strong security posture. The principles in the AWS Well-Architected Framework will help your teams build better in the cloud.
- Watch this session at https://youtu.be/nOKvA8HykW8
CMP210, Modern applications: An infrastructure perspective
EC2 is usually a major part of your compute infrastructure. This session focuses on how EC2 works at a fleet level. Understanding this is critical to expanding your security efforts beyond the instance itself.
- Watch this session at https://youtu.be/ddt7WfgCRYQ
CON323, What’s new with Amazon ECS
As happens sometimes, this session was renamed and adjusted to focus on new features in Amazon ECS. The original session name was “The AWS container services journey: A detailed look.”
Containers are ubiquitous. So much so that there are a lot of AWS services that can run them. This session explains the use cases for these services and how your teams can use them to their advantage.
- Watch this session at https://youtu.be/1_YUmq3MpYQ
COP301, Observability the open-source way
Observability has massive benefits for all builders, security teams doubly so. Learn about metrics, traces, log data, and OpenTelemetry and how it can help improve visibility into what’s happening in your builds.
- Watch this session at https://youtu.be/2IJPpdp9xU0
COP302, Developing an observability strategy
You have access to mountains of data about how your builds are behaving. This session will help you understand what strategies work to manage that data and how to get the most out of it.
This session hasn’t been published yet
COP304, Cloud compliance, assurance, and auditing
If there is a “trick” to compliance, it’s building evidence collection into everything you do. The good news? A lot of the work you’re doing around observability helps with that. This session will show you how.
- Watch this session at https://youtu.be/xREhfrUqpd4
COP316, How to monitor applications across multiple accounts
The more accounts your teams use, the more you realize you need a strategy for visibility across accounts. Focusing on application monitoring, the lessons from this session are directly applicable to security.
- Watch this session at https://youtu.be/kFGOkywu-rw
DOP301, The Amazon Builders’ Library: 25 years of operational excellence at Amazon
The Amazon Builders’ Library is a gold mine of hard-fought knowledge about building in the cloud. This session takes a deep dive into how Amazon runs technical operations and what they’ve learned.
This session hasn’t been published yet
ENT218, The architect elevator: Connecting IT and the boardroom
You can’t communicate the same information to a development team and your executives. The contexts are completely different. This session maps out how to tackle those differences effectively.
- Watch this session at https://youtu.be/goYiaIGebFo
ENT220, Shipping securely: How strong security can be your strategic advantage
This session explains the business advantages of a strong security approach. Take notes, lots of notes, and use this within your organization. Strong security helps everyone reach their goals faster.
This session hasn’t been published yet
NET207, A deep dive on the current security threat landscape with AWS
This session was originally titled “2022 AWS Threat Landscape Report.”
AWS Security has a unique perspective on the threat landscape. Learn about what they are seeing and how it impacts your organization…or more importantly, doesn’t impact your organization because of their hard work.
- Watch this session at https://youtu.be/h7WvCyygb8U
SEC201, Proactive security: Considerations and approaches
AWS’s approach to security is one worth replicating. The way they’ve distributed responsibility throughout teams that are building in the cloud is highly effective. Learn how you can do the same in this talk.
- Watch this session at https://youtu.be/u2z3nukhdXc
SEC203, Revitalize your security with the AWS Security Reference Architecture
The AWS Security Reference Architecture is a good starting point for any build. This is a great technical foundation session, as it takes a closer look at the why and how of that design.
- Watch this session at https://youtu.be/uFrj0jHN848
SEC212, AWS data protection: Using locks, keys, signatures, and certificates
Encryption is a critical security control. Looking at its application for data at rest and in transit, this session lays the groundwork for a robust data strategy that will underpin your entire security strategy.
- Watch this session at https://youtu.be/lD34wbc7KNA