AWS re:Invent

SecurityHub revisited

So earlier this year, I wrote (and then much later published) a blog post ripping AWS Security Hub. That led to conversations with folks on that team, and I got a chance to look at Security Hub’s new Central Configuration capabilities.

In short - this is an improvement for folks who use Security Hub and the built-in Security Standards. Sadly, it doesn’t solve many of the presentation issues that conflate “Compliance” and “Security”.


re:Invent 2023 recap

I’m back from re:Invent and still trying to adjust my sleep schedule (I’m on the East Coast and go to bed early; 6 pm Las Vegas time is my biological clock’s bedtime).

This year was one of my favorite re:Invents. I got to meet old and new co-workers, hang out with a lot of Community Builders and AWS Heroes, and talk to service teams about what they should do to make their products work more for the security 99%. I got to a couple of good chalk talks on GenAI and GenAI security, which will help inform my poking at that over the holidays.

As for announcements, in the last seven days, there were 195 things posted to AWS What’s New. These are the ones I care to follow up on.

For simplicity, we’ll break them down into:


AWS pre:Invent 2023

As has been my tradition the last few years, I prep for re:Invent by reviewing all the interesting announcements that happen in the weeks leading up to the event. This gives me a chance to keep an eye out for sessions and chalk talks related to things I care about, and a chance to corner an SA or product manager at the AWS Booth and go like this:

[Image: Jackie Chan]

This year I’ll be attending AWS as a Security Hero. The good news for all 845,000 attendees is that I don’t have to wear tights. Instead I’ll be hanging out in the Heroes lounge with the other Heroes and Community Builders (hopefully sipping mimosas during the keynotes).


AWS pre:Invent 2022

My third annual pre:Invent roundup is posted over on Steampipe’s blog. You can also check out 2021 and 2020 if you’re so inclined.

Back in 2018, I wrote a semi-serious post on what you as a security practitioner should be looking for as it relates to re:Invent announcements.

There were a few hot-takes that didn’t warrant mention on my work post, so I’ll include them here for your general amusement.


re:Invent 2021 Recap

Last week was re:Invent. It was great to be back in Vegas, and I loathe Vegas. The crowds this year were smaller, which meant I could typically get into whatever session I wanted to. However, it still took forever to get from Wynn, to Venetian, to Caesar’s to Mirage (where I was staying). I probably walked as much last week as I did during the entire pandemic. The Expo floor was smaller, but it didn’t seem smaller.

pre:Invent 2021

Welcome to the American Thanksgiving holiday, which for us cloud peeps is the quiet period between pre:Invent and re:Invent. Traditionally the run-up to AWS re:Invent is chock full of feature releases (and some product releases) that don’t merit mention in Andy Adam’s or Werner’s keynotes. Last year I was busy with a new job, hiring a new team, and helping to launch a streaming service. This year I have another new job (same company, new role), and did have time.

pre:Invent 2020

Welcome to the American Thanksgiving holiday, which for us cloud peeps is the quiet period between pre:Invent and re:Invent. Traditionally the run-up to AWS re:Invent is chock full of feature releases (and some product releases) that don’t merit mention in Andy’s or Werner’s keynotes. As I was slammed with work things, I wasn’t following pre:Invent (and will probably miss much of the lame online re:Invent), so I’m going back and reviewing all the announcements for things of note to a serverless nerd or security geek.

SEC339 - Actionable threat hunting in AWS

This post contains all the queries from my talk SEC339 at re:Invent 2019. Yes, it is very similar to the talk I gave at re:Inforce. The focus is on the Preparation & Identification aspects of the SANS Incident Response framework.

Preparation

The tools we need here are: Centralized CloudTrail, Centralized GuardDuty, Antiope, and Splunk.

CloudTrail

We centralize all our CloudTrail events from all our accounts into a single bucket.

Recent AWS Security Launches

This post came out of a need for me to review my Cloud Security Standards after re:Invent. I knew of the re:Invent announcements, but I didn’t recall all the other things that have happened recently. Drop me a tweet, LinkedIn or email if this is useful and I should do this again in a few months. This list is sorted chronologically and categorized as good, bad and ugly.

The Good

Amazon GuardDuty Optimizes AWS CloudTrail Analysis Reducing Cost for Customers

Announced On: Nov 1, 2018