TalksAWS re:Invent 2025 - Intelligent security: Protection at scale from development to production-INV214

AWS re:Invent 2025 - Intelligent security: Protection at scale from development to production-INV214

Scaling Security at Speed: Embedding Expertise, Adapting to Change, and Partnering with the Business

Embedding Security Expertise Throughout the Organization

  • Security teams must become builders themselves to secure systems at scale
  • AWS has invested in three key areas to embed security expertise:
    1. Primitives: Foundational security building blocks optimized for developer ease of use
    • Example: S2N TLS, an open-source, small, and fast TLS implementation
    1. Embedded Guidance and Tooling: Integrating security across the entire development lifecycle
    • Example: Automated API security testing to eliminate testing toil for developers
    1. Adapting the Security Team Experience: Using internal tooling and AI to scale security operations
    • Example: Automating compliance assessments and active defense systems

Adapting to Changing Risks and Development Practices

  • Threat actors are leveraging AI to generate more targeted and convincing attacks
    • Example: Watering hole campaigns using prompt injection and evasion techniques
    • Example: Supply chain attacks targeting open-source package registries
  • Security teams must adapt their approaches to keep pace with these evolving threats
    • Measuring the right metrics, like time to fix vs. just number of findings
    • Leveraging AI and automation to increase speed and scale of security responses

Partnering with the Business to Solve Real Problems

  • Security teams must deeply understand the business's goals and constraints
    • Example: AWS's focus on scale and rapid development pace
  • Embedding security expertise throughout development workflows and operations
    • Example: Automating vulnerability assessments and risk prioritization
    • Example: Threat modeling and securing third-party integrations with business partners
  • Using AI and agents to turn security "intentions" into scalable "mechanisms"
    • Example: AWS Security Agent providing contextual security guidance during design and code reviews

Key Takeaways

  • Embed security expertise throughout development and operations, not just "shift left"
  • Adapt security practices to keep pace with evolving threats and development changes
  • Partner closely with the business to solve their real problems, not generic security tasks
  • Leverage AI and automation to increase speed, scale, and effectiveness of security

Technical Details and Business Impact

  • AWS security teams handle:
    • 312 trillion network flows per day
    • 550 million malicious activities per day
    • 200,000 malicious domains per day
    • 5 billion scans blocked per day
  • Lily uses threat modeling and partnerships with AWS to secure their supply chain
  • AWS Security Agent can analyze design docs in under a minute, identify security issues, and provide remediation guidance

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.