AWS re:Inforce 2022 keynote highlights

Eyal Estrin ☁️
4 min readJul 26, 2022

“The Guardians program identifies and develops security experts within engineering teams across AWS, enabling these teams to use Amazon Security more effectively”

https://aws.amazon.com/blogs/security/aws-security-profile-philip-winstanley-security-engineering

PrivatBank case study:

https://www.aboutamazon.com/news/aws/safeguarding-ukraines-data-to-preserve-its-present-and-build-its-future

Introducing New Categories of AWS Security Competency Partners

https://aws.amazon.com/blogs/apn/introducing-new-categories-of-aws-security-competency-partners/

https://aws.amazon.com/blogs/apn/introducing-aws-level-1-mssp-competency-specialization-categories/

Announcing AWS Marketplace Vendor Insights to help streamline vendor risk assessments (Preview)
https://aws.amazon.com/about-aws/whats-new/2022/07/aws-marketplace-vendor-insights-streamline-vendor-risk-assessments-preview/

https://aws.amazon.com/marketplace/features/vendor-insights

Cloud Audit Academy
https://aws.amazon.com/compliance/auditor-learning-path/

Threat Modeling Workshop
https://catalog.workshops.aws/threatmodel/en-US

Hybrid post-quantum key agreement
https://aws.amazon.com/blogs/security/how-to-tune-tls-for-hybrid-post-quantum-cryptography-with-kyber/

https://aws.amazon.com/blogs/security/enable-post-quantum-key-exchange-in-quic-with-the-s2n-quic-library/

Automated reasoning
https://www.amazon.science/latest-news/how-awss-automated-reasoning-group-helps-make-aws-and-other-amazon-products-more-secure

Provable Security
https://aws.amazon.com/security/provable-security/

Permission lifecycle:

Call to action:

AWS (IAM) Roles Anywhere Management
https://aws.amazon.com/about-aws/whats-new/2022/07/aws-identity-access-management-iam-roles-anywhere-workloads-outside-aws/

https://docs.aws.amazon.com/rolesanywhere/latest/userguide/introduction.html

Amazon Detective Supports Kubernetes Workloads on Amazon EKS for Security Investigations
https://aws.amazon.com/blogs/aws/amazon-detective-supports-kubernetes-workloads-on-amazon-eks-for-security-investigations/

Malware protection now a feature of Amazon GuardDuty
https://aws.amazon.com/about-aws/whats-new/2022/07/malware-protection-feature-amazon-guardduty/

AWS Security Hub now receives Amazon GuardDuty Malware Protection findings
https://aws.amazon.com/about-aws/whats-new/2022/07/aws-security-hub-receives-amazon-guardduty-malware-protection-findings/

AWS announces AWS Wickr (Preview)
https://aws.amazon.com/about-aws/whats-new/2022/07/aws-announces-aws-wickr-preview/

Link to the entire session in YouTube:

https://www.youtube.com/watch?v=PPunA7tPMyk

About the Author

Eyal Estrin is a cloud and information security architect, the owner of the blog Security & Cloud 24/7 and the author of the book Cloud Security Handbook, with more than 20 years in the IT industry.
You can connect with him on Twitter and LinkedIn.

--

--

Eyal Estrin ☁️

Author | Cloud Security Architect | AWS Community Builder | Public columnist | CISSP | CCSP | CISM | CDPSE | CISA | CCSK | https://linktr.ee/eyalestrin