TalksAWS re:Invent 2024 -Driving real outcomes with an evidence-based approach to cloud security (SEC227)

AWS re:Invent 2024 -Driving real outcomes with an evidence-based approach to cloud security (SEC227)

Key Takeaways

Cloud Security Challenges

  • Asymmetry in security - mountain of alerts and false positives, talent and skill shortage, growing complexity of security stack and applications
  • Increased cloud breaches due to adoption and sophisticated threat actors
  • Disconnected cloud security tools leading to inefficient investigation and response

Approach to Improve Cloud Security

  1. Evidence-based Proactive Health

    • Validated exploit paths to prioritize and communicate risks
    • Offensive security engine to dynamically test vulnerabilities
    • Communication of "so what" impact to bridge security and engineering teams

  2. Autonomous Reactive Security

    • AI-powered detection and response at machine speed
    • Supervised and unsupervised ML for pre-execution and runtime protection
    • Conversational interface (Purple AI) to simplify investigation and response

Bridging Security and DevOps

  • Integrating security tooling and workflow with DevOps processes
  • Shifting security left by automating security checks in CI/CD
  • Improving communication and collaboration between security and engineering teams
  • Leveraging security learnings to proactively fix issues in the pipeline

Conclusion

The key to improving cloud security is to achieve a balance between evidence-based proactive health and autonomous reactive security, while also bridging the gap between security and DevOps teams. This approach helps to reduce the asymmetry in cloud security, accelerate investigation and response, and build better working relationships across the organization.

Your Digital Journey deserves a great story.

Build one with us.

Talk to us
Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.