AWS re:Invent 2023
Assess Vendor Risk in Aws Marketplace for Saas Based Solutions Mkt204

Title

AWS re:Invent 2023 - Assess vendor risk in AWS Marketplace for SaaS-based solutions (MKT204)

Summary

  • Tim Honeychurch, a principal in Marketplace for technical business development, discusses the challenges and solutions for vendor risk assessment in AWS Marketplace, specifically for SaaS products.
  • Challenges include the increased rigor of vendor risk assessments due to security incidents, the difficulty in finding software that meets compliance requirements, the labor-intensive process of information exchange for risk assessment, and the point-in-time nature of assessments.
  • AWS designed a solution called AWS Marketplace Vendor Insights to streamline the vendor risk assessment process, allowing buyers to search for software that meets compliance standards, exchange information directly in Marketplace, and perform automated checks of controls in SaaS production environments.
  • Vendor Insights provides a UI experience for buyers to filter and find products with the necessary compliance certifications and specializations, view security profiles, request access to sensitive information, and continuously monitor compliance during the subscription term.
  • The session includes a walkthrough of the UI, demonstrating how to use Vendor Insights to perform risk assessments, and encourages attendees to explore Marketplace, request access to Vendor Insights profiles, and provide feedback.

Insights

  • AWS Marketplace Vendor Insights is a significant development for both buyers and sellers in the AWS ecosystem, addressing the need for a more efficient and continuous vendor risk assessment process.
  • The ability to filter by compliance certifications and specializations within Vendor Insights is a unique feature that enhances the discovery process for buyers, ensuring they find software that aligns with their specific regulatory and business needs.
  • The integration of automated checks and continuous monitoring of SaaS environments through Vendor Insights is a proactive approach to maintaining security and compliance, offering buyers peace of mind that the software they use remains trustworthy over time.
  • The session highlights the importance of collaboration between AWS, ISVs, and customers to improve the procurement experience, suggesting that ISVs not yet on Vendor Insights should consider joining to facilitate better transactions.
  • The emphasis on feedback and customer engagement during the session reflects AWS's commitment to iterative improvement and customer-centric product development.
Are You Well Architected Tnc216At the Cutting Edge Ai Driven Sustainable Digital Telco 5g Networks Tlc302