It’s that time again. AWS re:Invent returns to Las Vegas at the end of November. As many as 60,000 are expected to attend. So, what do you need to know if you’re going?
In this article, we cover what’s in, what’s hot and what we think may be missing from AWS re:Invent 2022 in the area of security.
You can tell what’s in at AWS re:Invent 2022 in the security arena by searching through the session catalog. Subjects of importance tend to get greater time and attention. And one of the first ones that pops up is AWS Well-Architected.
AWS Well-Architected “helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads.” It’s built around six pillars, one of which is security. Naturally AWS wants their customers’ cloud deployments to be successful and AWS Well-Architected is one way to make that happen. It make perfect sense that it’s “in” at the conference.
Another theme which seems to permeate this year’s sessions is the idea of automating security in AWS with sessions like Automate security analysis and code reviews with machine learning (SEC314).
A third area of emphasis at the event is on development and developers. In particular, the importance of security “shifting left” in development and the importance of not overburdening developers when you do.
These two areas of emphasis can be seen in the two sessions Dev-first security: From code to cloud, and back to code (PRT291) and Developers do care about security: Building a more collaborative path (PRT274). Collaboration being code for don’t made developers do it all.
These are some of the things that are in at AWS re:Invent 2022. But, what’s really hot there?
Perhaps no area of security is hotter right now than incident response. And with all the data breaches and fines making headlines, why wouldn’t it be? So, it should come as no surprise that incident response is perhaps the hottest topic at AWS re:Invent 2022.
Here are just three sessions addressing this important topic:
- AWS CIRT toolkit for automating incident response preparedness (SEC303-R)
- AWS Incident Detection and Response (SUP201)
- Automate incident response with AWS Systems Manager Incident Manager (COP331)
Incident response preparedness is an essential component to good security. Being ready for the almost inevitable security incident is just smart business. But, if incident response is hot, it also gives a clue to what we think is missing. After all, incident response doesn’t occur in a vacuum. It requires an incident to happen.
What we think is missing from the sessions is how to avoid incidents in AWS in the first place. If you can avoid most (or all) incidents, then you don’t need as much incident response.
Of course there are session on topics like risk management, but these tend to be more strategic and implemented at the management level. We are referring to tactical things you can do to minimize the chances of an incident happening in your AWS cloud deployment. We are talking about things like threat modeling.
The best we can tell, there’s not a single session at AWS re:Invent 2022 on threat modeling in the AWS cloud, but there probably should be. Threat modeling is a way to think about all the ways an incident can happen in the cloud before it happens, and then putting a mitigation in place to make sure it doesn’t.
If avoiding incidents in the first place sounds important to you, we have some good news for you. While there may be no session to attend, there is a booth you can visit: ThreatModeler in 1139.
ThreatModeler is an automated threat modeling solution that fortifies an enterprise’s SDLC by identifying, predicting and defining threats, empowering security and DevOps teams to make proactive security decisions. ThreatModeler provides a holistic view of the entire attack surface, enabling enterprises to minimize their overall risk.
If you’re going, stop by. We’d love to chat with you.