I spent the last few days at AWS re:Inforce 2019 in Boston, the first AWS security conference presented by Amazon Web Services (AWS). It was also the first AWS event that I've been to, and I came away with a few strong impressions:

Amazon is putting a lot of skin in the game. Amazon is not really a security technology vendor, yet it organized and sponsored a top-notch cybersecurity conference that attracted about 7,000 attendees. There are several big cybersecurity technology and services vendors who haven’t gone nearly this far, so in my humble opinion, the AWS folks deserve credit here. Why go to all this trouble for cybersecurity? Because Amazon wants its fingerprint on the cloud security narrative and technology direction. Given its market leader position, what’s good for Amazon cybersecurity should be good for cloud security in general. Amazon wants customers and prospects to know that AWS security has them covered. Yes, there is still a shared responsibility model for cloud security, but Amazon wants CISOs to know that they can confidently move their most sensitive workloads to AWS. To underpin this message, AWS CISO Steve Schmidt highlighted security services such as Amazon GuardDuty (threat detection/continuous monitoring), AWS Security Hub (an alert monitoring dashboard across AWS accounts), Amazon Inspector (automated security assessment), and Amazon Macie (a machine language-based tool to discover, classify, and protect sensitive data). Schmidt hammered his points about sensitive data protection by further emphasizing that the Amazon cryptographic stack spans up and down the OSI stack, protecting sensitive data as it crisscrosses AWS data centers. Finally, Amazon paraded out customers such as CapitalOne and Liberty Mutual to demonstrate that large enterprises have already bought into AWS security coverage. Partners are welcome. The show floor was packed with name-brand security vendors eager to demonstrate product support and integration with AWS. Aside from tradeshow traffic, Amazon also made several announcements for partners to build upon. For example, Amazon announced a VPC traffic-mirroring feature, enabling customers to mirror EC2 instance traffic within Amazon Virtual Private Cloud (VPC) and then forward that traffic to security and monitoring appliances. Partners such as Corelight, Fidelis, and Riverbed jumped on this, supporting this new service with their network traffic analytics tools. As for the AWS marketplace, Amazon’s goal is to get every security software vendor that matters to participate. To make this happen, Amazon employs a team to recruit vendors, provide development support, and work them into go-to-market programs.

Clearly, Amazon wants to lead and disrupt the security market, and the company is willing to resource this effort on a continual basis. As proof, Schmidt announced re:Inforce 2020 in Houston a year from now. Meanwhile, Amazon will use its re:Invent to reinforce AWS security technologies and positioning in December.

Impressed, but questions linger

I left AWS re:Inforce very impressed, but my colleague (cloud security guru) Doug Cahill and I will continue to monitor a few remaining questions around: