AWS re:Inforce: Security Threats, 4 New Partner-Related Announcements
We catch you up on the biggest announcements, live from AWS re:Inforce in Anaheim.
![Anaheim Convention Center for AWS re:inforce 2023 Anaheim Convention Center for AWS re:inforce 2023](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltc04aa4aa7c415022/6523f67d606c0c794a6b88ea/Anaheim-Convention-Center-AWS-Reinforce-2023.jpg?width=700&auto=webp&quality=80&disable=upscale)
“Security is more about people and culture than it is technology.”
That’s how CJ Moses, CISO of AWS, kicked off the AWS re:Inforce keynote on June 13.
“Every action we take,” he added, “…takes the human element into consideration.”
With that in mind, Moses spent a fair amount of time reviewing platforms including Nitro and Firecracker, reinforcing their efficacy and performance. For example, Moses noted that UK-based research firm NCC Group recently confirmed via an independent architecture review showing there are “no gaps” in the Nitro System, first launched 10 years ago as a replacement for traditional — and leak-prone — hypervisors.
“Good enough is never good enough for us or our customers,” Moses said. “We are constantly innovating on your behalf.”
Moses reiterated that AWS software undergoes “rigorous” reviews to ensure security. That’s imperative, especially because the company stands out as the world’s largest public cloud computing provider. Consider that AWS supports more than 140 security standards and compliance certifications. It operates in 99 availability zones and 31 geographic regions.
As a result, “we often become a target,” Moses said.
And so, Moses said, AWS takes proactive steps.
“Our No. 1 priority is to prevent security issues from causing destruction to your business,” he said.
As proof, Moses offered the following statistics from the first quarter of this year:
• 1 million mitigated outbound botnet-driven DDoS attacks.
• 5.4 billion signals from threat sensors.
• 1.5 billion signal from active network probes.
On the next slide, we review the product launches Moses introduced.
Every AWS keynote (as happens with most companies’ main speeches) featured a slew of new announcements. Here are the ones Moses introduced:
• Built-In Partner Solutions, in preview. This allows partners to embed their software with AWS tools for automated deployment.
• AWS Global Partner Security Initiative, new as of June 13. This brand-new program comprises security solutions and managed services. The five initial system integrators to participate are Atos, Deloitte, PwC, Accenture and Kyndryl.
• Amazon CodeGuru Security, in public preview. This lets users identify and resolve code vulnerabilities at any stage of the development workflow. It uses machine learning and automated reasoning, largely to reduce false-positive detections.
• New, expanded Findings Groups in Amazon Detective to combat alert fatigue. “The key in managing modern security is to lean on AI and ML,” Moses said. Findings Groups use ML and graph theory to distill thousands of discrete findings to a connected security event.
Becky Weiss, senior principal engineer at AWS, also got the chance to unveil several new offerings.
The first? General availability, as of June 13, of Amazon Verified Permissions. This lets administrators centrally manage and implement authorization within applications using AWS Cedar policies.
“It’s the next chapter of zero trust,” Weiss said.
There’s also now ECS Instance Connect Endpoint. In other words, users may connect EC2 securely via SSH/RDP through a private endpoint. There is no need for an internet-facing EC2 host.
After that, Weiss revealed expansions to GuardDuty, which protects AWS accounts with threat detection. Now, users get more protections in the form of threat detection for Aurora; EKS runtime threat detection from more than 30 security findings; and threat detection coverage for AWS Lambda functions such as unauthorized crypto mining.
We highlight two more new releases on the next slide.
New on June 13 as well, and in GA, is Amazon Inspector Code Scans for Lambda. This scans AWS Lambda code for security vulnerabilities such as injection flaws and data leaks. It also offers remediation recommendations.
Finally, also in GA as of June 13, is a new capability in Amazon Inspector called SBOM Export. It’s a tool for managing security bill of materials exports.
Before releasing the crowd to explore the expo hall, take a coffee break or sit in on a variety of sessions, Moses summed up cloud and security this way: “I never get tired explaining what security is. … Together we can create a formidable defense against the threats that lie ahead.”
Before releasing the crowd to explore the expo hall, take a coffee break or sit in on a variety of sessions, Moses summed up cloud and security this way: “I never get tired explaining what security is. … Together we can create a formidable defense against the threats that lie ahead.”
AWS RE:INFORCE — Security and cloud computing are inextricably linked. That’s why Amazon Web Services, the world’s largest public cloud computing provider, holds AWS re:Inforce every year — and 2023, of course, is no exception.
The latest iteration of the thousands-large conference is taking place this week at the Anaheim Convention Center in southern California. And from end users to channel partners alike, there’s something for everyone at AWS re:Inforce.
This year’s event officially kicked off on Tuesday morning with the keynote featuring CJ Moses, chief information security officer at AWS, and Becky Weiss, senior principal engineer. If you didn’t make it to AWS re:Inforce (or if you missed the opening), Channel Futures was there to show you what they discussed, including several new releases. If you’re a systems integrator, there’s at least one announcement that should appeal in a big way.
It’s all in the slideshow above.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Kelly Teal or connect with her on LinkedIn. |
Read more about:
VARs/SIsAbout the Author(s)
You May Also Like