AWS re:Invent 2023
Future Proofing Cloud Security a New Operating Model Sec208

Title

AWS re:Invent 2023 - Future-proofing cloud security: A new operating model (SEC208)

Summary

  • Inon Kosiga, co-founder of Wiz, discusses the importance of adopting a new cloud security operating model to future-proof cloud security.
  • The talk covers three main challenges: the rapid growth of new environments, addressing new risks, and embracing a new ownership model where builders manage their own resources.
  • AWS's introduction of new APIs each year presents both opportunities and security considerations.
  • The cloud lifecycle is broken down into three phases: security posture management, secure cloud development, and threat detection and response.
  • The market is moving towards consolidation with Cloud Native Application Protection Platforms (CNAP), reducing the number of tools needed.
  • Wiz's approach includes API-only connections to cloud environments, scanning for vulnerabilities, and identifying attack paths using a security graph built on AWS Neptune.
  • Wiz for AI security was introduced to address the security of AI components in cloud environments.
  • Wiz has tools to integrate security into the development process, including scanning code in GitHub and validating container images.
  • The talk concludes with a fireside chat featuring Steven Craig from Hearst and Adam Lichtenstein from Pfizer, discussing their experiences with cloud security and Wiz.

Insights

  • The rapid pace of cloud innovation requires a new security model that can scale and adapt to new technologies and environments.
  • CNAP is gaining traction as a means to consolidate security tools and simplify cloud security stacks.
  • Wiz's API-only approach and use of a security graph provide a comprehensive view of cloud environments and potential attack paths.
  • The integration of security into the development lifecycle is crucial for preventing vulnerabilities before they reach production.
  • Wiz's new features, such as AI security and GitHub code scanning, demonstrate a commitment to addressing emerging cloud security challenges.
  • The experiences shared by Hearst and Pfizer highlight the importance of visibility, prioritization, and the ability to scale security solutions across large, diverse organizations.
  • The concept of "toxic combinations" introduced by Wiz helps organizations focus on the most critical security issues by identifying interconnected risks.
  • The discussion emphasizes the need for tools that not only detect risks but also empower developers and security teams to remediate them effectively.
Fully Managed Kong Gateway Saas on Konnect and Aws with Live Demo Dop222Future Proofing Your Applications with Aws Databases Dat212 Int