This post was originally published here by gregg rodriguez.
AWS re:Inforce 2019, the biggest cloud security event of the year, promises to deliver as a hands-on conference offering a deep dive into the latest approaches to security, best practices and risk management using AWS services, features, and tools, as well as product offerings from AWS partners.
If you’re still struggling to maintain compliance in the cloud, unclear about DevSecOps or starting your cloud security program from scratch, AWS re:Inforce 2019 has you covered on all those fronts and many, many more.
Check out our list below to help you make the most out of your attendance by choosing some of your breakout sessions in advance:
- GRC203 – Whether you’re new to AWS or maturing your cloud infrastructure, you don’t have to start from scratch to build a solid security program! This session will be a great review of how the latest NIST Cybersecurity Framework can be followed along with AWS services – just be sure to build technical controls to your security monitoring to ensure continuous compliance. This breakout is hosted by one of the best AWS security evangelists, so this should be a great one.
- GRC323 – Though we can use the same security program fundamentals regardless of where workloads, data or code happen to live, the technology used to audit those objects has to change when you move them to AWS. This session will be a great introduction to the new ways to detect and report on cloud infrastructure and configuration.
- SDD328 – If you’re going to pick a great cloud security program to learn from, here’s your chance to make it one supporting a fun bran. Pokemon International is known for its buildout of dynamic cloud infrastructure, but did you know it’s also a pioneer in DevOps and cloud security?
- SDD305 – Still unclear about DevSecOps? Think of DevSecOps as putting security in the middle of Dev/__/Ops. And like DevOps itself, building a successful DevSecOps practice isn’t just about new types of cloud infrastructure and tools – it’s a culture shift. This will be a great session to learn and take back real-world suggestions to help you bridge the gap between DevOps and Security, as well as to help security and compliance practices match the speed and scale of your app and development teams.
- GRC321 – If you’re new to compliance requirements, or learning how to run your AWS infrastructure without any negative findings – this course will be a great help. AWS experts will walk you through compliance programs, where they should be applied – and how the AWS Shared Responsibility Model can help you determine how to modify your security program to cover the things that matter most within cloud computing environments.