Security is often misunderstood. That’s understandable given how it’s usually presented. Let’s fix that. Simply put, security is one of the main areas of focus when building on the AWS Cloud. It works with the other AWS Well-Architected pillars—operational excellence, performance efficiency, cost optimization, reliability, and sustainability—to help you deliver robust, resilient solutions.
I’ve built this guide with that approach in mind. These sessions will help security professionals take a cloud-native approach. It will also help builders of all experience levels understand how security fits into the bigger picture.
There’s a ton of great content this year and these sessions are a great starting point for your security journey, and they are a good reminder of the foundations for those of us further down the path.
Quality service delivery is fundamental to a strong security posture. The principles in the AWS Well-Architected Framework will help your teams build better in the cloud.
Modern applications: An infrastructure perspective
Amazon EC2 is usually a major part of your compute infrastructure. This session focuses on how Amazon EC2 works at a fleet level. Understanding this is critical to expanding your security efforts beyond the instance itself.
Observability the open-source way
Observability has massive benefits for all builders, security teams doubly so. Learn about metrics, traces, log data, and OpenTelemetry and how it can help improve visibility into what’s happening in your builds.
Developing an observability strategy
You have access to mountains of data about how your builds are behaving. This session will help you understand what strategies work to manage that data and how to get the most out of it.
Cloud compliance, assurance, and auditing
If there is a “trick” to compliance, it’s building evidence collection into everything you do. The good news? A lot of the work you’re doing around observability helps with that. This session will show you how.
How to monitor applications across multiple accounts
The more accounts your teams use, the more you realize you need a strategy for visibility across accounts. Focusing on application monitoring, the lessons from this session are directly applicable to security.
The Amazon Builders’ Library: 25 years of operational excellence at Amazon
The Amazon Builders’ Library is a gold mine of hard-fought knowledge about building on the cloud. This session takes a deep dive into how Amazon runs technical operations and what they’ve learned.
The architect elevator: Connecting the boardroom and IT
You can’t communicate the same information to a development team and your executives. The contexts are completely different. This session maps out how to tackle those differences effectively.
Shipping securely: How strong security can be your strategic advantage
This session explains the business advantages to a strong security approach. Take notes, lots of notes, and use this within your organization. Strong security helps everyone reach their goals faster.
2022 AWS Threat Landscape Report
AWS Security has a unique perspective on the threat landscape. Learn about what they are seeing and how it impacts your organization . . . or more importantly, doesn’t impact your organization because of their hard work.
Proactive security: Considerations and approaches
AWS’s approach to security is one worth replicating. The way they’ve distributed responsibility throughout teams that are building on the cloud is highly effective. Learn how you can do the same in this talk.
Revitalize your security with the AWS Security Reference Architecture
The AWS Security Reference Architecture is a good starting point for any build. This is a great technical foundation session, as it takes a closer look at the why and how of that design.
AWS data protection: Using locks, keys, signatures, and certificates
Encryption is a critical security control. Looking at its application for data at rest and in transit, this session lays the groundwork for a robust data strategy that will underpin your entire security strategy.
AWS Well-Architected Framework security pillar: Cloud security at scale
A deep dive into the security pillar for the AWS Well-Architected Framework. This session puts a focus on security-specific outcomes but is also a great introduction into the framework itself.