AWS re:Invent

AWS pre:Invent 2022

My third annual pre:Invent roundup is posted over on Steampipe’s blog. You can also check out 2021 and 2020 if you’re so inclined.

Back in 2018, I wrote a semi-serious post on what you as a security practitioner should be looking for as it relates to re:Invent announcements.

There were a few hot-takes that didn’t warrant mention on my work post, so I’ll include them here for your general amusement.


re:Invent 2021 Recap

Last week was re:Invent. It was great to be back in Vegas, and I loath Vegas. The crowds this year were smaller, which meant I could typically get into whatever session I wanted to. However it still took forever to get from Wynn, to Venetian, to Caesar’s to Mirage (where I was staying). I probably walked as much last week as I did during the entire pandemic. The Expo floor was smaller, but it didn’t seem smaller.

pre:Invent 2021

Welcome to the American Thanksgiving holiday, which for us cloud peeps is the quiet period between pre:Invent and re:Invent. Traditionally the run up to AWS re:Invent is chock full of feature releases (and some product releases) that don’t merit mention in Andy Adam’s or Werner’s keynotes. Last year I was busy with a new job, hiring a new team, and helping to launch a streaming service. This year I have another new job (same company, new role), and did have time.

pre:Invent 2020

Welcome to the American Thanksgiving holiday, which for us cloud peeps is the quiet period between pre:Invent and re:Invent. Traditionally the run up to AWS re:Invent is chock full of feature releases (and some product releases) that don’t merit mention in Andy or Werner’s keynotes. As I was slammed with work things, I wasn’t following pre:Invent (and will probably miss much of the lame online re:Invent), so I’m going back and reviewing all the announcements for things of note to a serverless nerd or security geek.

SEC339 - Actionable threat hunting in AWS

This post is contains all the queries from my talk SEC339 at re:Invent 2019. Yes, it is very similar to the talk I gave at re:Inforce. The focus is on the Preparation & Identification aspects of the SANS Incident Response framework. Preparation The tools we need here are: Centralized CloudTrail Centralized GuardDuty Antiope Splunk. CloudTrail We centralize all our CloudTrail events from all our accounts into a single bucket.

Recent AWS Security Launches

This post came out of a need for me to review my Cloud Security Standards after re:Invent. I knew of the re:Invent announcements, I didn’t recall all the other things that have happened recently. Drop me a tweet, LinkedIn or email if this is useful and I should do this again in a few months. This list is sorted chronologically and categorized as good, bad and ugly. The Good Amazon GuardDuty Optimizes AWS CloudTrail Analysis Reducing Cost for Customers Announced On: Nov 1, 2018

AWS re:Invent 2018 Wrapup

It’s been about two now three weeks since AWS re:Invent 2018 wrapped, and I’m finally starting to recover. Six days in Vegas and a red-eye flight back to Atlanta have me not wanting to travel any more in 2018. So what happened of interest? First off, my two Chalk Talks with Suman and Damindra went well. I’m glad that at least two people out of the 58,000 present thought my session was they best they’d attended.

It's that time of year: AWS re:Invent

We’re a week away from AWS re:Invent and the level of cloud activity is reaching a fervor pace. Two things I’d like to share this morning. 1) How to Do re:Invent and 2) what all this re:Invent craziness means to a security professional. If you’re lucky enough to go to re:Invent (and as far as I’ve heard it’s not sold out) a few things to bear in mind: This is Vegas.