Security is often described as complicated, cumbersome, and a general pain in the you know what. Modern, pragmatic security is anything but!
This guide provides a well-rounded view at well-architected applications, critical security areas, and how to start to automate your security practice in the AWS Cloud.
- DEV209-R - Releasing Mission-Critical Software at Amazon
Amazon has more experience than almost anyone deploying at cloud scale. This talk by Andy Troutman walks you through the journey a single line of code takes from idea to release. Understanding this process lays out what you should be aiming for.
- STG379-R2 - Deep Dive on Security in Amazon S3 & Amazon Glacier
Amazon S3 and Amazon Glacier are critical data storage services. Look no further than the repeated headlines to understand why you need to know the robust set of security controls built into these services. This talk will give you the knowledge you need.
- ARC212 - Trends in Digital Transformation
To say that Adrian Cockcroft, VP Cloud Architect Strategy, at AWS is a luminary and leader in the cloud is an understatement. In this talk, Adrian looks at how technology can accelerate organizational change. Security doesn't happen in a vacuum, understanding the organizational culture is key to success.
- ARC204-R - Incorporating the AWS Well-Architected Framework into Your Architecture
Security is one of the five pillars of the AWS Well-Architected Framework. This chalk talk is highly interactive and will help illustrate how you apply the framework in your daily work with the AWS Cloud. Read the initial whitepaper before you go to get your footing.
- Hit up the Welcome Reception in The Venetian after ARC204
- Watch "Monday Night Live" from 7:30–9PM in The Venetian
- Run the 4K or 8K race…or at least consider a donation to Girls Who Code in which all proceeds from the run are going to support.
- DEV321-R - What’s New with AWS CloudFormation
Automation is the key to consistency. Consistency drives directly to security. This talk covers the latest in AWS CloudFormation which should be the starting point for all of your AWS workloads.
- SEC310 - 0x32 Shades of #7f7f7f: The Tension Between Absolutes and Ambiguity in Security
Eric Brandwine, VP/Distinguished Engineer, AWS Security, lays out the fundamental challenge with security: living in a world of grey. Eric’s uniquely positioned to give an overview talk like this. With over a decade of experience inside AWS working on security, he's seen it all.
- SEC328-R1 - Infrastructure Protection in AWS
This talk focuses on the security of the infrastructure features and services provided by AWS. In it, you'll go beyond just the basics and truly understand how to tune the security controls to the needs of your workloads.
- SEC323-R1 - Automating Cloud Compliance in Real Time
Compliance gets a bad rap. That's because most teams don't worry about it until way too late. This session looks at how you can leverage various AWS services to automate the majority of your compliance workflows.
- Hit up the Pub Crawl in any number of the great locations!
- SEC322-R1 -Using AWS Lambda as a Security Team
Using AWS Lambda effectively will amplify the capabilities of your team. It's an absolutely crucial automation resource for any and all operations. This talk will get you started on the right path.
- SEC325-R1 - Data Protection: Encryption, Availability, Resiliency, and Durability
Data is everything to your organization and you need to take every step possible to protect it. This sessions looks at various strategies you can use with the AWS Key Management Service (KMS) to encrypt your data.
- ARC310-R1 - From One to Many: Diving Deeper into Evolving VPC Design
VPCs are such a fundamental part of the AWS Cloud experience that they are often overlooked. This classic session covers the very simplest VPC to some of the most complex structures in the AWS Cloud.
- Pop in to the AWS Certified Appreciation Reception from 6–8PM. Not certified yet? Use the time to study up and write an exam Thursday or Friday!
- NET402 - Transit VPCs: Reference Architectures for Many VPCs
This is a deeply technical session focused on multi-VPC deployments. If that describes your organization or use case, your time will be well spent learning these advanced networking topics.
- DEV208-R1 - Moving to DevOps the Amazon Way
DevOps isn't just a passing fad. It's a fundamentally more effective way to deliver applications. This talk will help you understand the path to adopting a DevOps culture within your organization.
- ARC209-R2 - Architecture Patterns for Multi-Region Active-Active Applications
At some point, most successful applications end up using some form of a multi-region deployment. This session explores the various multi-region scenarios and when you should look to use them.
- SEC316-R1 - Become an IAM Policy Master in 60 Minutes or Less
The AWS Identity and Access Management service is the single most critical security aspect of any workload. If you haven't already watched this talk from previous AWS re:Invent conferences, do it now!
- SEC326 - Orchestrate Perimeter Security Across Distributed Applications
Learn how to use key AWS Edge services like AWS WAF to augment the security of your workloads. This service is key in implementing a defence in depth strategy as it can effective stop malicious activity at the edge of the AWS Cloud.
- Attend the epic re:Play party from 8PM to midnight!
- ENT312-R1 - Well Operated: A Day in the Life of a Cloud Ops Engineer
Listen as two AWS experts walk you through their day-to-day. You'll understand how they use various techniques to accomplish their goals and they solve real-life problems in the complex environments. This talk will really help put everything you've learned over the week into perspective.
- AIM319-R1 - Build Multichannel Conversational Interfaces Using Amazon Lex
After focusing on security and well-architected designed throughout the week, have a little fun! This session looks at how you can build conversational interfaces with Amazon Lex. Use this to inspire a fun coding project to help absorb everything you've learned over the week!
Hopefully these talks hit the mark for you. As a long-time security professional, I'm excited by the possibilities presented by the AWS Cloud. With smart, secure defaults and a host of security services and features, “secure by design" can become second nature as you build your solutions in AWS.
For a more guide to the rest of the conference, check out my post “The Ultimate Guide to AWS re:Invent 2018” and be sure to reach out on Twitter, where I’m @marknca.