Mark Nunnikhoven
Vice President of Cloud Research at Trend Micro
Ottawa, Canada

Security is often described as complicated, cumbersome, and a general pain in the you know what. Modern, pragmatic security is anything but!

This guide provides a well-rounded view at well-architected applications, critical security areas, and how to start to automate your security practice in the AWS Cloud.


  • DEV209-R - Releasing Mission-Critical Software at Amazon
    Amazon has more experience than almost anyone deploying at cloud scale. This talk by Andy Troutman walks you through the journey a single line of code takes from idea to release. Understanding this process lays out what you should be aiming for.
  • STG379-R2 - Deep Dive on Security in Amazon S3 & Amazon Glacier
    Amazon S3 and Amazon Glacier are critical data storage services. Look no further than the repeated headlines to understand why you need to know the robust set of security controls built into these services. This talk will give you the knowledge you need.
  • ARC212 - Trends in Digital Transformation
    To say that Adrian Cockcroft, VP Cloud Architect Strategy, at AWS is a luminary and leader in the cloud is an understatement. In this talk, Adrian looks at how technology can accelerate organizational change. Security doesn't happen in a vacuum, understanding the organizational culture is key to success.
  • ARC204-R - Incorporating the AWS Well-Architected Framework into Your Architecture
    Security is one of the five pillars of the AWS Well-Architected Framework. This chalk talk is highly interactive and will help illustrate how you apply the framework in your daily work with the AWS Cloud. Read the initial whitepaper before you go to get your footing.
  • Hit up the Welcome Reception in The Venetian after ARC204
  • Watch "Monday Night Live" from 7:30–9PM in The Venetian


  • Run the 4K or 8K race…or at least consider a donation to Girls Who Code in which all proceeds from the run are going to support.
  • DEV321-R - What’s New with AWS CloudFormation
    Automation is the key to consistency. Consistency drives directly to security. This talk covers the latest in AWS CloudFormation which should be the starting point for all of your AWS workloads.
  • SEC310 - 0x32 Shades of #7f7f7f: The Tension Between Absolutes and Ambiguity in Security
    Eric Brandwine, VP/Distinguished Engineer, AWS Security, lays out the fundamental challenge with security: living in a world of grey. Eric’s uniquely positioned to give an overview talk like this. With over a decade of experience inside AWS working on security, he's seen it all.
  • SEC328-R1 - Infrastructure Protection in AWS
    This talk focuses on the security of the infrastructure features and services provided by AWS. In it, you'll go beyond just the basics and truly understand how to tune the security controls to the needs of your workloads.
  • SEC323-R1 - Automating Cloud Compliance in Real Time
    Compliance gets a bad rap. That's because most teams don't worry about it until way too late. This session looks at how you can leverage various AWS services to automate the majority of your compliance workflows.
  • Hit up the Pub Crawl in any number of the great locations!




  • ENT312-R1 - Well Operated: A Day in the Life of a Cloud Ops Engineer
    Listen as two AWS experts walk you through their day-to-day. You'll understand how they use various techniques to accomplish their goals and they solve real-life problems in the complex environments. This talk will really help put everything you've learned over the week into perspective.
  • AIM319-R1 - Build Multichannel Conversational Interfaces Using Amazon Lex
    After focusing on security and well-architected designed throughout the week, have a little fun! This session looks at how you can build conversational interfaces with Amazon Lex. Use this to inspire a fun coding project to help absorb everything you've learned over the week!

Hopefully these talks hit the mark for you. As a long-time security professional, I'm excited by the possibilities presented by the AWS Cloud. With smart, secure defaults and a host of security services and features, “secure by design" can become second nature as you build your solutions in AWS.

For a more guide to the rest of the conference, check out my post “The Ultimate Guide to AWS re:Invent 2018” and be sure to reach out on Twitter, where I’m @marknca.