AWS re:Invent will surely vary in 2020! Of viewing you all in NEVADA instead, this year re:Invent is a free, three-week digital conference. A very important factor that will remain exactly the same will be the selection of sessions, including several Security, Identification, and Compliance sessions. Once we developed periods, we appeared to customers-inquiring where they wish to expand their information. A proven way we did this is shared in a recently available Security post, where we released a new customer polling feature that delivers us with suggestions directly from customers. The original outcomes of the poll demonstrated that Identification and Access Administration and Data Security are top-ranking subjects for customers. We wished to highlight a few of the re:Invent classes for both of these important topics to enable you to begin to build your re:Invent plan. Each session emerges at multiple times, so that you can sign up for the proper time that is most effective for the location and schedule.

Managing your own Identities and Access within AWS

AWS identification: Secure account and app accessibility with AWS SSO
Ron Cully, Principal Product Supervisor, AWS

Dec 1, 2020 | 12:00 PM – 12:30 PM PST
Dec 1, 2020 | 8:00 PM – 8:30 PM PST
Dec 2, 2020 | 4:00 AM – 4:30 AM PST

AWS SSO has an easy solution to manage access at level across all of your aws Businesses accounts centrally, making use of identities you create and manage inside AWS SSO, Microsoft Dynamic Directory, or external identification providers (such as for example Okta Universal Directory or even Azure AD). This program explains ways to make use of AWS SSO to control your AWS environment, also it covers key brand-new features to assist you secure and automate accounts access authorization.

Getting began with AWS identification services
Becky Weiss, Senior Principal Engineer, AWS

Dec 1, 2020 | 1:30 PM – 2:00 PM PST
Dec 1, 2020 | 9:30 PM – 10:00 PM PST
Dec 2, 2020 | 5:30 AM – 6:00 AM PST

The true number, range, and breadth of AWS services are big, however the set of techniques you need to secure them isn’t. Your trip as a builder in the cloud begins with this session, where practical examples assist you to quickly get right up to rate on the fundamentals to become authenticated and certified in the cloud, in addition to on securing your computer data and resources correctly.

AWS identity: 10 identity wellness checks to boost security inside the cloud
Cassia Martin, Senior Safety Solutions Architect, AWS

Dec 2, 2020 | 9:30 AM – 10:00 AM PST
Dec 2, 2020 | 5:30 PM – 6:00 PM PST
Dec 3, 2020 | 1:30 AM – 2:00 AM PST

Get practical program code and advice to assist you achieve the principle of minimum privilege in your current AWS environment. From enabling logs to disabling root, the supplied checklist can help you find and repair permissions problems in your sources, your accounts, and during your organization. With one of these ten wellness checks, each day you can enhance your AWS identity and achieve better security.

AWS identity: Selecting the most appropriate mixture of AWS IAM guidelines for level
Josh Du Lac, Principal Protection Solutions Architect, AWS

Dec 2, 2020 | 11:00 AM – 11:30 AM PST
Dec 2, 2020 | 7:00 PM – 7:30 PM PST
Dec 3, 2020 | 3:00 AM – 3:30 AM PST

This session provides both a strategic and tactical summary of various AWS Identity and Access Administration (IAM) policies offering a variety of capabilities for the security of one’s AWS accounts. Today you almost certainly already use a amount of these policies, but this session shall dive in to the tactical known reasons for choosing one capability over another. This program zooms out to assist you learn how to manage these IAM plans across a multi-account atmosphere, covering their objective, deployment, validation, limitations, supervising, and more.

Zero Trust: A good AWS viewpoint
Quint Van Deman, Principal WW Identification Specialist, AWS

Dec 2, 2020 | 12:30 PM – 1:00 PM PST
Dec 2, 2020 | 8:30 PM – 9:00 PM PST
Dec 3, 2020 | 4:30 AM – 5:00 AM PST

AWS clients have asked continuously, “Do you know the optimal designs for ensuring the proper levels of protection and availability for my techniques and data?” Increasingly, they’re asking how styles that are categorized as the banner of Zero Trust may connect with this question. In this program, you find out about the AWS guiding concepts for Zero Have faith in and explore the bigger subdomains which have emerged in this space. Then the program dives into how AWS provides incorporated a few of these concepts deep, and how AWS will help you by yourself Zero Trust journey.

AWS identification: Next-generation permission administration
Brigid Johnson, Senior Software Growth Manager, AWS

Dec 3, 2020 | 11:00 AM – 11:30 AM PST
Dec 3, 2020 | 7:00 PM – 7:30 PM PST
Dec 4, 2020 | 3:00 AM – 3:30 AM PST

This session is for central security programmers and teams who manage application permissions. This session testimonials a permissions design that enables one to level your permissions management confidently. Figure out how to set your company up for access administration success with authorization guardrails. Then, find out about granting workforce permissions predicated on attributes, so they level as your groups and users adjust. Finally, find out about the access evaluation tools and how exactly to use them to recognize and reduce wide permissions and present users and systems usage of only what they want.

How Goldman Sachs administers temporary elevated AWS gain access to
Harsha Sharma, Options Architect, AWS
Chana Garbow Pardes, Associate, Goldman Sachs
Jewel Dark brown, Analyst, Goldman Sachs

Dec 16, 2020 | 2:00 PM – 2:30 PM PST
Dec 16, 2020 | 10:00 PM – 10:30 PM PST
Dec 17, 2020 | 6:00 AM – 6:30 AM PST

Goldman Sachs takes entry and safety to AWS accounts seriously. While empowering groups with the freedom to create applications is crucial for scaling cloud use over the firm autonomously, controls and guardrails have to be set in spot to enable secure administrative accessibility. In this session, understand how the ongoing company constructed its credential brokering workflow plus administrator access because of its users. Learn how, using its simple software that utilizes proprietary and AWS providers, which includes Amazon DynamoDB, AWS Lambda, AWS CloudTrail, Amazon S3, and Amazon Athena, Goldman Sachs can handle administrator credentials and keep track of and report on activities used for audits and compliance.

Data Protection

Perform an AWS is necessary by you KMS custom made key store?
Tracy Pierce, Senior Consultant, AWS

Dec 15, 2020 | 9:45 AM – 10:15 AM PST
Dec 15, 2020 | 5:45 PM – 6:15 PM PST
Dec 16, 2020 | 1:45 AM – 2:15 AM PST

AWS Key Management Services (AWS KMS) has integrated with AWS CloudHSM, providing you the option to generate your personal AWS KMS custom essential store. In this program, you find out about what sort of KMS custom key shop is supported by an AWS CloudHSM cluster and how it allows you to generate, shop, and make use of your KMS keys in the equipment protection modules that you handle. Additionally you learn when and when you need a custom made key store really. Join this program to learn why you may choose not to work with a custom key shop and instead utilize the AWS KMS default.

Using certificate-centered authentication upon containers & internet servers on AWS
Josh Rosenthol, Senior Product Supervisor, AWS
Kevin Rioles, Manager, Infrastructure & Safety, BlackSky

Dec 8, 2020 | 12:45 PM – 1:15 PM PST
Dec 8, 2020 | 8:45 PM – 9:15 PM PST
Dec 9, 2020 | 4:45 AM – 5:15 AM PST

In this session, BlackSky discusses its encounter using AWS Certificate Manager (ACM) end-entity certificates for the digesting and distribution of real-time satellite television geospatial intelligence and supervising. Learn how BlackSky utilizes certificate-structured authentication on containers and internet servers within its AWS atmosphere to help with making TLS ubiquitous in its deployments. The session information the implementation, architecture, and operations guidelines that the business chose and how it had been able to function ACM at scale across several accounts and regions.

The busy manager’s guide to encryption
Spencer Janyk, Senior Product Supervisor, AWS

Dec 9, 2020 | 11:45 AM – 12:15 PM PST
Dec 9, 2020 | 7:45 PM – 8:15 PM PST
Dec 10, 2020 | 3:45 AM – 4:15 AM PST

In this session, discover the functionality of AWS cryptography services and find out when and where you can deploy each one of the following: AWS Key Management Service, AWS Encryption SDK, AWS Certificate Manager, AWS CloudHSM, and AWS Secrets Manager. You find out about defense-in-depth methods including asymmetric permissions versions also, client-side encryption, and authorization segmentation by role.

Developing post-quantum cryptography for the cloud
Alex Weibel, Senior Software program Development Engineer, AWS

Dec 15, 2020 | 12:45 PM – 1:15 PM PST
Dec 15, 2020 | 8:45 PM – 9:15 PM PST
Dec 16, 2020 | 4:45 AM – 5:15 AM PST

Nowadays to secure TLS communication this program introduces post-quantum cryptography and how you may use it. Learn about recent improvements on specifications and existing deployments, like the AWS post-quantum TLS execution (pq-s2n). A explanation of the hybrid essential agreement method shows ways to combine a fresh post-quantum key encapsulation technique with a classical essential exchange to secure system traffic today.

Data protection from scale making use of Amazon Macie
Neel Sendas, Senior Complex Account Manager, AWS

Dec 17, 2020 | 7:15 AM – 7:45 AM PST
Dec 17, 2020 | 3:15 PM – 3:45 PM PST
Dec 17, 2020 | 11:15 PM – 11:45 PM PST

Data Loss Avoidance (DLP) is really a common subject among companies that use sensitive data. If a business can’t identify its delicate data, it can’t end up being protected by it. Amazon Macie is really a fully managed information security and data personal privacy service that utilizes machine learning and design matching to find and protect your delicate information in AWS. In this program, we shall share information on the architecture and style you may use to deploy Macie most importantly scale.

This year while periods are virtual, they will be offered by multiple periods with live moderators and “Ask the Expert” classes available to help response any queries that you will find. We anticipate “viewing” you in these periods. Please start to see the re:Invent agenda for additional information also to build your schedule.

For those who have feedback concerning this post, submit remarks in the Comments section below.

Want a lot more AWS Security how-to articles, news, and show announcements? Stick to us on Twitter.