AWS re:Invent 2021 Security Track Recap
Another AWS re:Invent is usually in the books! Again this season we were so very happy to be able to web host live in NEVADA. And we were thrilled in order to host a big virtual audience also. If you weren’t in a position to participate live, now you can view a few of the security sessions at the AWS Events Channel on YouTube and looking into the AWS re:Invent 2021 Breakout Sessions for Security playlist . The next is a set of a few of the security-focused sessions you’ll discover on the playlist:
In this session, Stephen Schmidt, Chief Information Security Officer at AWS, addresses practices for security in the cloud best, function updates, and how AWS internally handles security. Uncover the potential future of tooling for security, identity, privacy, and compliance.
Just how do AWS security services work and how will you deploy them together? The brand new AWS Security Reference Architecture (AWS SRA) offers prescriptive guidance for deploying the entire complement of AWS security services in a multi-account environment. AWS SRA demonstrates and describes how security services ought to be deployed and managed, the security objectives they serve, and how they connect to each other. In this session, find out about these assets, the AWS SRA team’s design decisions, and guidelines for how exactly to make use of AWS SRA for the security designs. Discover an authoritative mention of assist you to design and implement your personal security architecture on AWS.
Introverts and extroverts collide: Build a good inclusive workforce – SEC204
Jenny Brinkley and Eric Brandwine
In this session, hear from the odd handful of AWS security on how best to create diverse teams and develop proactive security cultures. Jenny Brinkley, Director of AWS Security, and Eric Brandwine, Distinguished and vp Engineer for AWS Security, provide guidelines for and insights in to the mechanisms put on the AWS Security organization. Figure out how to not merely scale your programs, but generate real business change furthermore.
Security posture monitoring with AWS Security Hub at Panasonic Avionics – SEC205
Himanshu Verma and Anand Desikan
In this session, learn to monitor proactively, identify, and protect data to greatly help maintain compliance and security with low operational investment. Panasonic Avionics shares their robust security solution for migrating to Amazon S3 to lessen data center costs by a lot more than 85 percent while remaining protected and compliant with comprehensive industry regulations. Discover guidelines for deploying layered security to monitor data making use of Amazon Macie, learn to detect threats making use of Amazon GuardDuty, and consider how automating responses might help protect your computer data and satisfy your compliance requirements. Explore ways to make use of AWS Security Hub as the central posture-management and monitoring manage point.
[New Launch] AWS Shield: Automated layer 7 DDoS mitigation – SEC226
Kevin Lee and Chido Chemambo
In this session, understand how you may use automated application layer 7 (L7) DDoS mitigations with AWS Shield Advanced to safeguard your web applications. Now you can make use of on AWS Shield Advanced to instantly recommend AWS WAF rules in reaction to an L7 DDoS event rather than manually crafting an AWS WAF rule to isolate the malicious traffic, analyzing the rule’s effectiveness, and deploying it during your environment then. AWS Shield Advanced works well at alerting application owners when spikes within traffic may impact the option of applications. Now, AWS Shield Advanced may automatically detect and mitigate L7 traffic anomalies that risk impacting application responsiveness and availability.
Locks without keys: AWS and confidentiality – SEC301
Colm MacCárthaigh
Each day AWS works together with organizations and regulators to host one of the most sensitive workloads in industry and government. In this session, hear exactly how AWS secures data from trusted AWS operators and services even. Find out about the AWS Nitro System and how it offers confidential processing and a reliable execution environment. Also, find out about the cryptographic chains of custody which are included in the AWS Access and Identity Management service, including how encryption can be used to supply defense comprehensive and why AWS targets verified isolation and customer transparency.
Use AWS to boost your security posture against ransomware – SEC308
Merritt Baer and Megan O’Neil
Ransomware isn’t specific to the cloud-in fact, AWS can offer increased manage and visibility over your security posture against malware. In this session, find out techniques enterprises can empower and inoculate themselves against malware even, which includes ransomware. From IAM policies and the principle of least privilege to AWS services like Amazon GuardDuty, AWS Security Hub for actionable insights, and CloudEndure Disaster AWS and Recovery Backup for retention and recovery, this session offers clarity into tools and approaches which will help you are feeling confident in your security posture against current malware.
Securing your computer data perimeter with VPC endpoints – SEC318
Becky Weiss
In this session, figure out how to use your network perimeter as an easy defensive perimeter around your computer data in the cloud. VPC endpoints had been first released for Amazon S3 in 2015 and also have since incorporated many improvements, enhancements, and expansions. You’re enabled by them to lock your computer data into your networks along with assert network-wide security invariants. This session offers practical guidance on you skill with VPC endpoints and details how exactly to configure them in your data perimeter strategy.
The least privilege journey: AWS IAM policies and Access Analyzer – SEC324
Brigid Johnson
Are you searching for tools and strategies for applying least privilege permissions for the users and workloads? Love demonstrations and useful examples? In this session, explore superior skills to utilize on your journey to use least privilege permissions in AWS Identity and Access Management (IAM) by granting the proper access to the proper identities beneath the right conditions. For every stage of the permissions lifecycle, discover ways to appearance at IAM policy specifics and make use of IAM Access Analyzer to create, verify, and refine fine-grained permissions. Get yourself a overview of the foundations of permissions in AWS and dive into circumstances, tags, and cross-account access.
If watching these sessions has you considering the next hands-on learning opportunity with AWS Security, you’re invited by us to save lots of the date for AWS re:Inforce 2022. AWS re:Inforce, our learning conference centered on cloud security, compliance, identity, and privacy, june 28-29 will undoubtedly be kept, 2022 in Houston, Texas. We there desire to see you!
For those who have feedback concerning this post, submit comments in the Comments section below.
Need more AWS Security news? Stick to us on Twitter.