Networking & Content Delivery

A sneak peek at the Network and Infrastructure Security track sessions for re:Inforce 2023

AWS re:Inforce is fast approaching, and this post can help you plan your agenda. AWS re:Inforce is a security conference where you can gain skills and learn about the latest solutions in cloud security, compliance, identity, and privacy. As a re:Inforce attendee, you will have access to hundreds of technical and non-technical sessions, an Expo featuring AWS experts, and security partners with AWS Security Competencies, and keynotes featuring Security leadership. AWS re:Inforce 2023 will take place in-person in Anaheim, CA, on June 13 and 14. re:Inforce 2023 features content in the following six areas:

· Data Protection

· Governance, Risk, and Compliance

· Identity and Access Management

· Network and Infrastructure Security

· Threat Detection and Incident Response

· Application Security

The network and infrastructure security track will showcase services and tools you can use to achieve secure and scalable connectivity on AWS. This post highlights some of the different Breakout, Chalk Talk, Builders, and Workshop sessions planned for the Network & Infrastructure Security track. The full catalog preview is live here.

A full conference pass is $1,099. Register today with the code secure150off to receive a limited time $150 discount, while supplies last.

Breakout sessions
Breakout sessions are lecture-style sessions delivered by one or more speakers.

NIS201: Behind the scenes: AWS security investments you inherit

One reason you should move to the cloud is to leverage the investments that AWS has made on your behalf. Join this session to learn about AWS security investments that you inherit. Learn about the AWS Nitro System, AWS’s custom hardware with built-in security and performance considerations for confidential computing at scale—all at no extra cost. Explore security features in AWS services you use every day, such as automated reasoning groups that help you reason about your security permissions in IAM Access Analyzer and Amazon Inspector, hyper-scalable encryption with AWS KMS, and threat indicators in services such as Amazon GuardDuty, AWS Shield, AWS WAF, and more.

NIS202: Achieving zero trust with AWS application networking

In this session, learn about various AWS application networking services that allow you to set up a security model that establishes trust by continuously authenticating and monitoring access.

NIS302: Build secure global connectivity with AWS

A transition is underway in enterprise networking. Organizations are incorporating new, cloud-native wide-area networking services into their infrastructure because of the services’ abilities to create and configure connectivity as needed—with elastic capacity and consumption-based pricing. In this session, learn how to use AWS Cloud WAN and Amazon VPC Lattice services to architect scalable global networks leveraging Zero Trust principles.

NIS303: Protect apps and AWS infrastructure: How Zillow uses AWS security

In this session, learn about the AWS and Zillow relationship and explore how Zillow uses AWS Firewall Manager to manage AWS WAF rules and AWS Shield Advanced protection centrally across multiple accounts. Learn about the end-to-end process of selecting AWS WAF managed rule groups, analyzing logs using Amazon Athena, analyzing false positives, and writing custom rules to avoid false positives and add additional security capabilities. Review how Shield Advanced is configured to protect resources from DDoS attacks.

Builders’ sessions
Builders’ sessions provide small groups interactive learning on how to build things on AWS. Each Builders’ Session begins with a brief explanation or demonstration by an AWS expert. There is no formal presentation, and once the demonstration is complete, attendees will use their laptop to experiment and build along with AWS experts.

NIS251: Enhance network security by integrating with AWS Security Hub

In this builders’ session, learn how to integrate AWS Network Firewall with AWS Security Hub (with findings from services like Amazon GuardDuty and Amazon Inspector). Also learn how to automate the creation of Network Firewall rules based on the findings from Amazon GuardDuty and Amazon Inspector.

NIS252: Centralized building & firewall rules across your AWS infrastructure

In this builders’ session, review how the new Amazon VPC Network Access Analyzer helps you identify network configurations that can lead to unintended network access. Learn ways you can improve your security posture while still allowing you and your organization to be agile and flexible.

NIS 353: Improve security compliance for your network deployments on AWS

In this builders’ session, learn how to build a detective workflow solution that demonstrates how you can express your desired security state as rules (in JSON or YAML) for ingress/egress traffic flows, implement continuous evaluation of the rules to detect deviations using AWS services and features, and take remediation actions when a deviation is detected from the user-defined intent.

Chalk Talk sessions
A highly interactive content format, Chalk Talks begin with a brief lecture (10-15 minutes) delivered by an AWS expert, followed by a 45–50-minute open format Q&A session. Chalk Talks foster a technical discussion around real-world architecture challenges.

NIS231: Secure access to your internal applications on AWS with Zero Trust

In this chalk talk, explore established patterns and dive into each of these patterns to find out which is best for specific use cases. Learn how you can use AWS services, such as Amazon VPC Lattice, Amazon CloudFront Lambda@Edge, AWS Verified Access, and more, to secure access to your applications. Leave this talk with renewed and deepened insight into the wealth of possibilities to help you choose what is best for your situation.

NIS331: Security inspection architectures with AWS Cloud WAN

In this chalk talk, dive deep into architecture patterns that help you inspect and protect your ingress, egress, and east-west traffic when using AWS Cloud WAN.

Workshop sessions
Workshops are interactive sessions where attendees work in small groups to build a solution to a problem using AWS. Workshops encourage interaction, and provide attendees with an opportunity to learn from and teach each other. Each workshop starts with a brief lecture (10-15 min) by the speaker, and additional AWS experts in the room offer personal assistance.

NIS271: NetSecDevOps: Improve security by automating network security testing

Organizations do DevOps or DevSecOps; in this workshop, learn how to incorporate network testing into CI/CD flows for NetSecDevOps. By automating network testing, organizations can test their defense-in-depth strategies, which helps improve their security postures. See how you can use Amazon VPC Network Access Analyzer and Amazon Inspector Network Reachability to test your network security architecture and resolve issues automatically.

NIS371: Dealing with bots with AWS WAF

Get hands-on experience building a bot-focused configuration and testing it with real traffic in this workshop. Learn configuration creation best practices and get experience using all the different advanced threat mitigation options available with AWS WAF.

NIS372: Build a DDoS-resilient perimeter and enable automatic protection at scale

In this workshop, learn how to build a DDoS-resilient perimeter and how to use services like AWS Shield, AWS WAF, AWS Firewall Manager, and Amazon CloudFront to architect for DDoS resiliency and maintain robust operational capabilities that allow rapid detection and engagement during high-severity events. Learn how to detect and filter out malicious web requests, reduce attack surface, and protect web-facing workloads at scale with maximum automation and visibility.

NIS374: Stopping zero-day attacks and ransomware with effective egress controls

In this workshop, learn how to implement AWS security best practices for egress controls with AWS Network Firewall, Amazon Route 53 Resolver DNS Firewall, AWS Firewall Manager, and Amazon CloudWatch to mitigate risks from software supply chain issues, zero-day attacks, crypto-mining, and ransomware. You must bring your laptop to participate.

If any of the above sessions look interesting, consider joining us in Anaheim by registering for re:Inforce 2023. We look forward to seeing you there!