• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   AWS   »   AWS re:Inforce 2019 re:Cap

AWS re:Inforce 2019 re:Cap

  • Posted on:June 27, 2019
  • Posted in:AWS, Cloud
  • Posted by:
    Mark Nunnikhoven (Vice President, Cloud Research)
0
A wide angle shot of the conference registration desk for AWS re:Inforce with an endcap wall in a slight teal blue saying, "Welcome to AWS re:Inforce"

The inaugural AWS Cloud security conference—AWS re:Inforce—was held in Boston this week. Well over 8,000 attendees descended on the Boston Convention and Exhibition Center for two days jammed packed with security education and cloud content.

This was a very interesting conference because the dynamics of the attendees felt very different from typical AWS events. Usually at an AWS event, security teams are the odd people out. Making up a small portion of the attendees. At re:Inforce, the script flips and it seemed that the majority of attendees are in primarily security roles.

That’s great news for the show and for the community in general. Everyone in attendance and online was eager to learn about AWS Security Services, offers from AWS APN Partners, and what works—and what doesn’t—when it comes to securing cloud deployments.

https://www.youtube.com/watch?v=FKphJNfpWk8

Announcements

As with any AWS event, there were a number of announcements that covered new features and functionality. We didn’t get any new services but the size of these features makes up for that. Here’s my quick take on each of the major announcements and how it might be useful for you.

AWS Security Hub Goes GA

AWS Security Hub was first announced as a preview at AWS re:Invent 2018. This tool helps consolidate security information into one place. Data from various AWS Security Services (like Amazon GuardDuty, Amazon Macie, and Amazon Inspector) and from various AWS APN Partners feeds into Security Hub in order to highlight compliance issue and various security findings.

That term is key. A finding isn’t a log entry or an event or even an incident (as defined in infosec). A finding is generated by one of the security tools and is likely to start a security or compliance incident.

The goal of Security Hub is to make security data more visibility and actionable. It is not a replacement for a SIEM or a team of analysts. It is a fantastic tool to help highlight security issues with other teams.

Read more from Brandon West over on the AWS Blog.

AWS Control Tower Comes Out Of Preview

This service helps you to create strong, well-architected baselines for new AWS accounts within your organization. Control tower works with landing zones a concept first brought to the forefront at AWS re:Invent 2018.

Multi-account strategies are common within larger organizations and there are a number of security benefits to the approach if is well managed. The challenge is standardizing settings, configuration, and policy across accounts.

This is where AWS Control Tower comes into the picture. Working with AWS Organizations, AWS IAM, AWS Config, AWS CloudTrail, and AWS Service Catalog, you can configure what every new account within your organization should look it. This helps ensure that all of your teams are setup for success.

Read more from Jeff Barr.

VPC Traffic Mirroring

Up until now, you’ve only been able to glimpse at what’s going on with the network traffic in your VPC using AWS native features. The VPC Flow Log functionality provides the basics of source, destination, and size of traffic but actual packet analysis requires a better source of flow data.

VPC mirroring does exactly as promised, leveraging the AWS network layer to mirroring specific targets, sessions, or filters in order to analyze that traffic in another tool.

This can be helpful in network forensic analysis, troubleshooting, or operational analysis.

Jeff Barr has a walk through of the feature on the AWS Blog.

AWS Incident Response Whitepaper

Though published a few weeks before the event, AWS is highlighting the new AWS Security Incident Response Whitepaper. This paper helps security teams understand how traditional incident response maps to the AWS Cloud.

It’s a well-written, practical paper that can help teams understand how a process they are familiar with, changes in a new environment like the AWS Cloud.

Get an overview from Joshua Du Lac over on the AWS Security Blog.

AWS Marketplace Procurement System Integration

During the AWS re:Inforce keynote, Stephen Schmidt announced a new AWS Marketplace integration for existing procurement systems. On first blush, this seems like an odd feature to call out at a security conference.

But security is always a critical question in any enterprise sales engagement and procurement headaches abound. The AWS Marketplace can address some of those headaches.

This new integration (initially with Coupa and others via cXML) will make it easier for some enterprises to test and acquire new technologies, reducing the barrier to acquire new security tools.

Read more in the AWS Marketplace documentation.

What’s Next

At the end of the keynote, Stephen Schmidt announced that AWS re:Inforce will be held again next year, this time in Houston. That’s fantastic news as shows that AWS acknowledges that security is a critical pillar of well-built cloud deployments and that the community is strong enough to support events of this size dedicated to the topic.

The breakouts sessions from the show were recorded and are being posted to the AWS YouTube channel, the day 1 keynote by AWS CISO Stephen Schmidt has already been posted so you can start catching up now.

I did a take over on the Trend Micro LinkedIn page and went live twice during the show. Check that out for a bit of an insiders view and—as always—ping me on Twitter, where I’m @marknca to talk more about this and cloud security in general.

Related posts:

  1. Automatic Visibility And Immediate Security with Trend Micro + AWS Control Tower
  2. The Cloud in 2019: Current Uses and Emerging Risks
  3. AWS Security Hub and Deep Security
  4. Did Amazon’s aggressive algorithms prevent customer data loss?

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, MĂŠxico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, EspaĂąa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.