Now that I’ve had a week to catch my breath, I took some time to sit down and reflect on AWS re:Invent 2017. It was an epic event in an epic city, and it was an event filled with great information and exciting announcements and product launches. There was far too much going on at re:Invent to recap in a comprehensive way, so I will just share a few of my key takeaways.
There were two key announcements at re:Invent related to cloud security. Amazon announced GuardDuty—a new threat detection service for AWS customers, and Managed Rules for AWS WAF (web application firewall)—rules that enable AWS customers to effectively mitigate specific threats against web applications.
Amazon GuardDuty combines threat intelligence, anomaly detection and machine learning to identify suspicious or malicious activity without requiring any additional AWS security software or infrastructure. Alert Logic unveiled Cloud Insight Essentials to augment Amazon GuardDuty—providing deeper insight and more context around the alerts, as well as recommending guidance for what action to take to address the alerts.
Managed Rules for AWS WAF offers AWS customers sets of rules that have been written, curated and managed by partners in the AWS Marketplace. The rules can be deployed in front of web applications to act as a sort of “Band-aid” to mitigate a threat until a more comprehensive solution can be put in place. Alert Logic announced Alert Logic Managed Rules for AWS WAF – Virtual Patches for WordPress, a set of rules designed specifically to protect WordPress implementations on AWS against common exploits.
DevOps Security and Container Security
Another thing that stood out to me as I walked the floor and spoke with vendors, as well as in the announcements from Amazon and the information presented in many breakout sessions is the growing focus on DevOps and containers.
Amazon unveiled AWS Fargate—a technology that allows customers to run containers without having to manager servers or clusters. Customers don’t have to configure or manage the underlying infrastructure, they can just focus on developing apps. You can just package your app in containers, specify the CPU and memory requirements, define networking and IAM (identity and access management) policies, and launch. There is no infrastructure to manage and the app will scale seamlessly.
Amazon also announced Amazon Elastic Container Service for Kubernetes, which somehow gets scrunched to Amazon EKS. Kubernetes is an open source system for orchestrating container deployment, scaling and management. Amazon EKS makes it simple to run Kubernetes on AWS without actually installing and operating your own Kubernetes clusters,
Alert Logic founder Misha Govshteyn was joined by Joey Peloquin from Citrix to present a session titled Security and DevOps: Agility and Teamwork. The two shared lessons learned from organizations that understand that agile security results in faster and more secure workload deployments. They also talked about how to integrate security controls into DevOps processes within an AWS environment.
Along with my takeaways, I also learned some valuable lessons that will help me make future re:Invent conferences a better, more enriching experience. Two in particular stand out. First, plan ahead and plan early. It takes organization—and some brilliant time management—to navigate between venues to attend the keynotes and the breakout sessions. It also takes preparation because registration for many of the sessions fills up fast.
The second lesson is to take advantage of the extra-curricular activities offered at AWS re:Invent. While the main event is the keynotes, breakout sessions, and chatting with vendors on the Expo Hall floor, Amazon also includes things like the pub crawl, wing-eating contest, 4K run, and the massive closing night party. I made it to the closing night party this time around, but—like the sessions and keynotes above—making it to these other activities requires some planning and effective time management.
It was an exciting and busy week, and this is what I got out of it. There was so much going on, though, and so much information being shared, I’m curious what your takeaways are or what major themes you heard at AWS re:Invent 2017. Feel free to share in the comments below. I’m going to mark my calendar for AWS re:Invent 2018 and start planning for next year.