AWS re:Invent 2019

I spent the last week at AWS re:Invent 2019 in Las Vegas with over 65,000 other AWS users. This conference is always jammed packed with announcements and interesting discussions with people both inside and outside of my normal security bubble. Overall I really enjoy this conference even though it is ridiculously large and I spent over 6 hours on the shuttles this week going between the 3 campuses of the conference.

I was glad to see Amazon finally get serious about security that matters to both practitioners and audit teams. While Encrypted by Default only applies to their Nitro Enclaves at this point I hope this is the start of moving this principal to all of their services.

Image


Here are some roughly organized notes and thoughts about some of the services that were launched or announced this week that I was impressed or really confused about.

General Cloud

  • AWS Outpost
    • It is a rack full of AWS equipment they install in your data center and then you manage it through the AWS console. It only costs $225,504.81 for the entry-level model.
  • AWS Nitro Enclaves
    • Nitro Enclaves enables you to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information.
  • AWS ARM Processors
    • Amazon is launching its own Arm-based processors. You have wonder if at least part of this isn’t to hopefully avoid future side-channel attacks.
  • AWS Compute Optimizer
    • You pay AWS to tell you how to pay AWS less or something.
  • Ubuntu Pro
    • This is a customized version of Ubuntu to run on EC2 that comes with LivePatch and will have preinstalled hooks into the AWS security hub soon. On the downside, it does cost $.03 an hour to run which will end up costing about $25 a month per instance.

Security

Machine Learning

¯\_(ツ)_/¯

General & Uncategorized Thoughts

Site Footer

Sliding Sidebar