AWS re:Invent 2018 Session Guide: Security

With over 3,300 sessions, AWS re:Invent 2018 was jam packed full of content.

Leading up to AWS re:Invent 2018, I wrote a guide to security-themed breakout sessions for the conference site. The guide was designed to lead you through a week of content that would either change how you viewed security or reinforce your belief that security is a foundational part of building well in the cloud.

Overall, I recommended 18 sessions. The guide was written just before the final schedule was released and due to that timing, some changes in the re:Invent session catalog were made. Of the 18 sessions I recommended, 11 were delivered as planned, 4 were renamed, and 3 were removed entirely.

I’ve made a YouTube playlist of the sessions to make it easier to review them. Here’s a look at how the week played out…


Releasing Mission-Critical Software at Amazon (DEV209) by Andy Troutman was everything I hoped for. Andy walked through Amazon’s internal process for delivering features and functionality. Andy’s speaking style is casual and easy to listen to.

This talk walks through an example release of a code change from idea to production. It’s a really fascinating look at Amazon’s emphasis on systems and consistency. A ton to learn here.

Deep Dive on Amazon S3 Security and Management (STG303) by PD Dutta (AWS) and Christopher Schultz (Capital One) walks through almost everything you need to know about protecting your data in Amazon S3. Given the multitude of challenges companies have faced in past few years this talk is a must watch.

Trend in Digital Transformation (ARC212) was given by Adrian Cockcroft. That alone should be motivation enough for you to make the time. Adrian is a cloud legend and it shows in this talk. It’s a 200 level session, so he addresses high level concepts and strategies. No code here but a ton of usable, actionable strategies to help transform your organization to take advantage of the power of the AWS Cloud.

“Incorporating the AWS Well-Architected Framework into Your Architecture” didn’t make the final program. That’s disappointed but as a major upgrade we got a brand new service around the AWS Well-Architected Framework: the AWS Well-Architected Tool.

Complementing a new Well-Architected Partner Program (where you can have a vetted AWS APN partner conduct a Well-Architected review of your build, the tool provides an automated review service.

This is a game changer. By providing recommendations and best practices in context, the tool will help you build better solutions in the AWS Cloud.

After the well attended Welcome Reception, Monday Night Live with Peter DeSantis delivered a ton of technical announcements and a few new service launches. This continues to be a highlight of the week for me.


I didn’t make it to the 4K race (fighting a back injury), though I did sign up and make a donation. If you haven’t already, you can make one directly.

Shameless community benefiting plug: just before AWS re:Invent, Trend Micro, AWS, and Girls In Tech kicked off a campaign called “Close The Gap” to help address the lack of gender diversity in tech. Look for a lot more from the campaign and please support your local Girls In Tech chapter.

Anil Kumar, Luis Colon, and Manu Suresh teamed up to deliver, What’s New with AWS CloudFormation (DEV321). They tackled three main points;

  • modernizing and extending AWS CloudFormation
  • managing complexity
  • improving productivity

This session should help you move past the basics of CloudFormation and really start to take advantage of what the tool has to offer.

The Tension Between Absolutes & Ambiguity in Security (SEC310) by Eric Brandwine is an instant classic. It’s a great view of how AWS views and manages security at scale. Eric offers a modern view of security that should help shift your perspective away from traditional thinking to what security can be.

“Infrastructure Protection in AWS” was not delivered. That’s unfortunate as there was no equivalent talk about how to tackle these lower level security aspects of your AWS build.

Augmenting Security & Improving Operational Health with AWS CloudTrail (SEC3232) by Sam Koppes was originally tagged as a compliance session and evolved (or was replaced, it’s unclear) with this excellent talk.

In it, Sam explains how to leverage the data CloudTrail collects to setup alerts, draw insights, and automate various security & compliance activities.


Using AWS Lambda as a Security Team (SEC322) by Brittany Doncaster (AWS), Sydney Sweeney (Dow Jones), and Andrew Baird (AWS) is the one talk that security teams who are down on automation need to watch.

This talk doesn’t go too deep on automation but it sets up the argument for why your security team should be all in on AWS Lambda. After watching this talk, your team will understand the reasons behind this type of workflow, the key components, and how to get started…which they should be doing now.

Security sessions tend to have dry, boring titles. Data Protection: Encryption, Availability, Resiliency, and Durability (SEC325) by Peter M. O’Donnell is a perfect example of this trend. And that’s unfortunate because this is an excellent talk.

Encryption is a tough talk and Peter does a great job of making it very accessible. Not only does he cover the conceptual basics but he also provides a great overview of the AWS services and features available to builders to help easily implement encryption at rest and in transit.

From One to Many: Evolving VPC Design (ARC309) is a classic AWS talk. It was first deliver years ago at an AWS Summit and has been a mainstay ever since. Androski Spicer does a great job delivering this talk about the structure of VPCs and how most customers evolve from a simple, default VPC architecture to a complex multi-account, mutli-VPC one.

If you haven’t seen this talk, it’s required viewing for all builders.


AWS Transit Gateway & Transit VPCs, Ref Arch for Many VPCs (NET402) by Nick Matthews evolved from the original abstract to incorporating the game changing new service, AWS Transit Gateway. This new service simplifies multi-VPC designs by creating a central gateway through which all of your VPCs communicate.

Nick handles the complex topic well and by the end of the talk you should have a solid idea of how this new service will affect your current and future VPC designs.

Moving to DevOps the Amazon Way (DEV210) by Aji Zadgaonkar got a new session code (previously DEV208) but still delivers on the original promise of showing how this culture change can help you build better solutions.

Aji is a little quiet in his delivery but if you pay attention — or crank up the volume — you’re hear about some of Amazon’s success and challenges along the way to changing to a DevOps culture.

ARC209-R2 — Architecture Patterns for Multi-Region Active-Active Applications (ARC209) by Amy Che (AWS), Darin Briskman (AWS), and Christopher Lee (Chick-fil-A) give a very high level view of where multi-region architectures make sense.

A lot of builders just assume they need multi-region active-active architectures because they don’t want any downtime. But as they dive in the costs, complexity, and other challenges push back…hard. This talk helps you sort out the pros and cons of these types of designs.

SEC316-R1 — (SEC316) is another classic AWS talk. Like ARC309, this one started years ago at an AWS Summit and has been on the agenda for almost every major event since.

At AWS re:Invent, Brigid Johnson does a fantastic job of delivering this critical IAM talk. If you use IAM — and you do — you need to see this talk at least one. I use the slides as a reference at least once every quarter.

Again, we — the security community — really need to work on our titles. This time, Orchestrate Perimeter Security Across Distributed Applications (SEC326) draws the yawn. But this talk from Nihar Bihani and Jeffrey Lyon at AWS is anything but boring.

The two speakers do a great job of explaining the security challenges facing applications, the benefits of stopping attacks at the edge, and the landscape of AWS Edge services that are available to help tackle these challenges.


Well Operated: A Day in the Life of a Cloud Ops Engineer (ENT312) by Orion Bijleveld and Wallace Simpson at AWS is a great close to this list of security talks. A play on the classic, “A Day in the Life of a Netflix Engineer” and, “Another Day in the Life of a Netflix Engineer” from AWS re:Invent 2015 & 2016 respectively, this talk walks through a typical day of an AWS engineer.

The two speakers do a great job of keeping the tone light and providing some insightful looks behind the curtain of internal AWS activities. I would’ve liked to see a bit more interplay between the speakers and a large font in the screen shares.

Despite these small challenges, this is a very interesting talk that shows AWS faces similar challenges to a lot of us but has a culture that supports creative solutions and one that enforces systems over manual processes.

Unfortunately, my bonus talk, “Build Multichannel Conversational Interfaces Using Amazon Lex” (AIM319) was removed from the catalog and nothing similar replaced it. Fortunately, if you were at AWS re:Invent you could replace this recommendation with the amazingly cool, “Introducing AWS DeepRacer” (AIM367) talk.

More To Explore

There were over 2,000 original sessions at this years AWS re:Invent. Over 3,300 sessions if you count the repeats. That is a mountain 🏔 of content.

The good news is that most of the talks are already available on the AWS YouTube channel. The bad news? It’s hard to decide between getting lost in the talks or diving into the new services, features, and functionality shipped during the conference!

What is your favourite talk of AWS re:Invent 2018? Leave a note in the comment below or let me know on Twitter where I’m @marknca.




☁️🔬 Cloud Strategist @Lacework. @awscloud Community Hero. Builder. Working to make security easier for everyone. Opinionated but always looking to learn

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

AWS Community Day Ahmedabad 2019 Guide

How industries are solving challenges using Ansible?

Migrate Oracle Data to BigQuery using Dataproc and Sqoop

17 Best Resources for Rails Developer

5 Steps For Cleaning Up Your Code In Pure CSS Images

Performance Test for CDN Evaluation with WebPageTest

Should You Learn Vim?

What is the Method-method?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


☁️🔬 Cloud Strategist @Lacework. @awscloud Community Hero. Builder. Working to make security easier for everyone. Opinionated but always looking to learn

More from Medium

AWS Cloud Cost Optimization : Part 1

Flaneer + AWS, a story of Security

Cloud Platforms like AWS and more….!!!!!

Relation Databases in AWS Cloud