Earning Customer Trust, A Look at the AWS Security Culture: This session will look at the AWS Security team and the way we work and innovate with customers, help our service teams build secure services, and the things that make us peculiar.
2. Jeff Bezos
CEO, Amazon.com
We've had three big ideas
at Amazon that we've
stuck with for 18 years…
put the customer first,
invent, and be patient.
3. Mechanisms
Encoded behaviors that facilitate
innovative thinking
Architecture
Structure that supports
rapid growth and change
Culture
Customer obsession,
hire builders, let them build,
support them with a belief
system
Amazon’s Innovation Approach
Organization
Small, empowered
teams that own what
they create
8. Self-service Platforms
without Gatekeepers
We are creating powerful self-service platforms that
allow thousands of people to boldly experiment and
accomplish things that would otherwise be impossible
or impractical.
9. AWS is continually
expanding to
support virtually
any cloud workload
More than 90 services, including:
Compute Storage Networking Database
Analytics App
services
Deployment Mobile
Management
12. Culture of
Experimentation:
We Give Our People
Freedom To Innovate
Joi Ito
“Want to increase innovation?
Lower the cost of failure”
Rapid iteration –
17. How AWS handles security at scale
• We operate over thousands of controls, but multiply that by
over 90 services, over a period of 6 months that’s a lot of
controls to scale and operate.
• We collect petabytes of logs on our own data
18. AWS CloudTrail logs are a treasure trove of information
• Examples: event type, source IP, principal/AKID, MFA used
Use data to rapidly detect and respond to threats
• “Walking” credentials
• Compromised accounts
• Other malicious behavior
Detecting anomalies through AWS CloudTrail Logs
22. AWS Security Epics Accelerator
Security Engineer Security Engineer
Security Engineer Security Engineer
Security Engineer
• Build one or more security
epics delivery team
• Run a series of security
sprints to to secure the
customer’s cloud journey Security Engineer