AWS re:Inforce returned to Boston, MA, in July after 2 years, and we were so glad to be back in person with customers. The conference featured over 250 sessions and hands-on labs, 100 AWS partner sponsors, and over 6,000 attendees over 2 days. If you weren’t able to join us in person, or just want to revisit some of the themes, this blog post is for you. It summarizes all the key announcements and points to where you can watch the event keynote, sessions, and partner lightning talks on demand.
Here are some of the announcements that we made at AWS re:Inforce 2022.
- Free MFA token ordering portal – We’ve made our free multi-factor authentication (MFA) security key program easier. We now have an ordering portal in the AWS Management Console where eligible customers can order their token. In response to customer demand, we’ve streamlined the ordering process, especially for linked accounts. At this time, only US-based AWS account root users who have spent more than $100 each month over the past 3 months are eligible to place an order.
- New for Amazon GuardDuty – Malware Protection for Amazon EBS volumes – Malware protection is now a feature of Amazon GuardDuty. Existing customers can enable the GuardDuty Malware Protection feature with a single click in the GuardDuty console or through the GuardDuty API.
- AWS Security Hub now receives Amazon GuardDuty Malware Protection findings – AWS Security Hub now automatically receives Amazon GuardDuty Malware Protection findings. GuardDuty Malware Protection findings within Security Hub also contain an investigation link that you can use to do further investigations in Amazon Detective.
- Amazon Detective supports Kubernetes workloads on Amazon EKS for security investigations – Analyze, investigate, and identify the root cause of security findings or suspicious control plane activity on Amazon Elastic Kubernetes Service (Amazon EKS) with Amazon Detective.
- Amazon Macie introduces new capability to securely review and validate sensitive data found in an Amazon S3 object – Customers can use this new capability in Amazon Macie to securely review and validate sensitive data found in an Amazon Simple Storage Service (Amazon S3) object and quickly take action as needed.
- IAM Roles Anywhere – This new feature extends the capabilities of AWS Identity and Access Management (IAM) roles to workloads outside of AWS. You can use IAM Roles Anywhere to provide a secure way for on-premises servers, containers, or applications to obtain temporary AWS credentials and remove the need for creating and managing long-term AWS credentials.
- AWS Marketplace Vendor Insights – This new feature helps simplify third-party software risk assessments by compiling security and compliance information in a unified dashboard.
- AWS Cloud Audit Academy – PCI DSS on AWS – Cloud Audit Academy (CAA) PCI DSS on AWS is the third course in the AWS security auditing learning path. This path is designed for those who are in auditing, risk, and compliance roles and who are involved in assessing regulated workloads in the cloud.
- New workshop – Threat modeling the right way for builders – This workshop introduces you to the background of threat modeling and why to do it, as well as some of the tools and techniques for modeling systems, identifying threats, and selecting mitigations.
- AWS WAF adds sensitivity levels for SQL injection rule statements – AWS WAF now supports setting sensitivity levels for SQL injection (SQLi) rule statements, giving customers greater control over how AWS WAF evaluates requests to their applications for SQLi attacks.
- AWS Network Firewall now supports prefix lists – AWS Network Firewall now supports Amazon Virtual Private Cloud (Amazon VPC) prefix lists to simplify management of firewall rules and policies across your VPCs. Prefix lists enable you to group one or more CIDR blocks into a single object. You can group IP addresses that you frequently use in a prefix list and reference this list in Network Firewall rule groups.
- AWS SSO is now AWS IAM Identity Center in order to better represent the full set of workforce and account management capabilities that are part of AWS Identity and Access Management (IAM). You can create user identities directly in IAM Identity Center, or you can connect your existing Active Directory or standards-based identity provider. To learn more, read this post from the AWS Security Blog.
- Enable secure communication with end-to-end encryption with AWS Wickr, and collaborate on calls with confidence. AWS Wickr encrypts messages, calls, and files with a proprietary, 256-bit end-to-end encryption protocol. No one but intended recipients can decrypt them, reducing the risk of person-in-the-middle attacks.
Watch on demand
You can also watch these talks and learning sessions on demand.
Keynotes and leadership sessions
Watch the AWS re:Inforce 2022 keynote where Amazon Chief Security Officer Stephen Schmidt, AWS Chief Information Security Officer CJ Moses, Vice President of AWS Platform Kurt Kufeld, and MongoDB Chief Information Security Officer Lena Smart share the latest innovations in cloud security from AWS and what you can do to foster a culture of security in your business. Additionally, you can review all the leadership sessions to learn best practices for managing security, compliance, identity, and privacy in the cloud.
Breakout sessions and partner lightning talks
- Data Protection and Privacy track – See how AWS, customers, and partners work together to protect data. Learn about trends in data management, cryptography, data security, data privacy, encryption, and key rotation and storage.
- Governance, Risk, and Compliance track – Dive into the latest hot topics in governance and compliance for security practitioners, and discover how to automate compliance tools and services for operational use.
- Identity and Access Management track – Hear from AWS, customers, and partners on how to use AWS Identity Services to manage identities, resources, and permissions securely and at scale. Learn how to configure fine-grained access controls for your employees, applications, and devices and deploy permission guardrails across your organization.
- Network and Infrastructure Security track – Gain practical expertise on the services, tools, and products that AWS, customers, and partners use to protect the usability and integrity of their networks and data.
- Threat Detection and Incident Response track – Learn how AWS, customers, and partners get the visibility they need to improve their security posture, reduce the risk profile of their environments, identify issues before they impact business, and implement incident response best practices.
- You can also catch our Partner Lightning Talks on demand.
Session presentation downloads are also available on our AWS Event Contents page. Consider joining us for more in-person security learning opportunities by registering for AWS re:Invent 2022, which will be held November 28 through December 2 in Las Vegas. We look forward to seeing you there!
If you’d like to discuss how these new announcements can help your organization improve its security posture, AWS is here to help. Contact your AWS account team today.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support.
Want more AWS Security news? Follow us on Twitter.