AWS re:Inforce Keynote: 7 Big Security, Ukraine, Ransomware Remarks

From unveiling new security products to how AWS is helping Ukraine combat Russia’s invasion, here are seven of the most interesting remarks during today’s keynote at AWS re:Inforce.

7 Boldest Keynote Remarks At AWS re:Inforce

Hundreds of security experts, technologists and channel partners flocked to the AWS re:Inforce security conference today in Boston to learn about AWS’ security vision and new cybersecurity launches.

The Seattle, Wash.-based worldwide cloud market leader is continuing to invest in boosting its security capabilities as seen with the launch of new AWS solutions today such as Amazon GuardDuty Malware Protection and Amazon Detective for EKS as well as new features to the AWS Marketplace.

Additionally, AWS unveiled a slew of new technical security specializations and competencies aimed at boosting its partners ability to provide customers with the best cloud security possible.

AWS re:Inforce comes at a time of exponential growth for AWS. Amazon’s cloud business arm generated $18.4 billion during its first fiscal quarter, representing a 37 percent increase year over year. AWS is now eying an annualized sales run rate of a whopping $74 billion.

[Related: AWS’ New Security Specializations For MSSPs Removes ‘Ambiguity’]

AWS re:Inforce 2022

Hundreds of people were in attendance at AWS re:Inforce 2022 today, which takes place July 26 and July 27 in Boston, with thousands more watching virtually.

In addition to new product launches, AWS’ security leaders spoke about ransomware prevention as well as how the global cloud leader is helping Ukraine’s fight against its Russian invaders.

“A lot of the Russian intent was not only an acquisition of territory, but erasure of Ukrainian identity and culture,” said Stephen Schmidt, chief security officer at Amazon during his keynote presentation. “And that’s something that we didn’t think was something that should be stood for.”

The keynote was led by Schmidt; CJ Moses, AWS’ chief information security officer; and Kurt Kufeld, vice president of AWS Platform.

Here are the seven boldest remarks from AWS’ top cybersecurity leaders around new security products, how the cloud giant is aiding Ukraine, ransomware and AWS’ bullish security vision.

‘Every Single Month, We Track Quadrillions Of Events’

Amazon Chief Security Officer Stephen Schmidt

At our scale, every outlier scenario that can happen does. And I’m talking about those disproportionately hard to predict and rare events that are beyond the realm of normal expectations in history, science, finance, technology—we see those happening routinely in AWS.

Because if we had one per billion use cases impact operations every day, we wouldn’t have cloud anymore, because our margin for error is so slim.

It says on the slide here, ‘billions’ on the screen, but I’ll give you another big number—and that’s quadrillions.

Every single month, we track quadrillions of events. That’s a number that has 15 zeros.

So we’re not reliant on the expertise of AWS security alone, we’re relying on the security interests, focus and creativity of millions of customers as well. You can see this at scale kind of thing at work with a service like Amazon GuardDuty. This is a service that’s learning every single day. And your instance of a service like this is augmented by the clouds’ overall usage, because we learned from the totality of what our customers are doing.

That novel threat on Monday morning becomes a known quantity minutes or hours later. And both AWS and our partners, are operating with our customers to make sure that those learnings get wide distribution. That means we’re being shaped by you every single day to meet your security needs.

AWS ‘Devices Became Critical In Protecting And Preserving Ukraine’s Data And Culture’

Amazon Chief Security Officer Stephen Schmidt

I’d like to take a moment to recognize the work that’s been happening to assist those in Ukraine who have been sacrificing everything to repel an immoral invasion by Russia.

On February 24, the date of the invasion, AWS met with Ukrainian government. The discussion focused on bringing our AWS Snowball devices, which is our secure edge computing devices, into Ukraine to help secure, store, and transfer data to the cloud.

A lot of people wonder why that was such a big focus. It’s because a lot of the Russian intent was not only an acquisition of territory, but erasure of Ukrainian identity and culture. And that’s something that we didn’t think was something that should be stood for.

So two days later, the Snowballs we sent reach their destinations in Ukraine.

These devices became critical in protecting and preserving Ukraine’s data, and thus, the history of their culture.

We’ve migrated data from 27 Ukrainian ministries, 18 Ukrainian universities, and the largest remote school. That school, by the way, supports several hundred-of-thousands of children in remote learning because they’re displaced.

We’ve seen 61 government data migrations to AWS and more coming.

Ukraine’s largest private bank, PrivatBank—which serves about 40 percent of Ukrainian population—has now moved all of their operations to the cloud. That’s 270 applications totaling about 4 petabytes of client data that previously resided on about 3,500 Ukraine based servers.

This enables PrivatBank customers to keep access to their funds online despite the efforts of the Russian intelligence services to disrupt the communications infrastructure.

There are moments in history where you have to roll up your sleeves and do the right thing. For us, this is one of those moments and I’m really proud of the way the team has responded and will continue to respond.

New Amazon Detective for EKS

AWS Platform VP Kurt Kufeld

I’m pleased to announce Amazon Detective for EKS [Elastic Kubernetes Service].

It analyzes, investigates, and identifies the root cause of security findings or suspicious control plane activity on EKS clusters.

With a single click setting and no agent requirement, it is much easier to start analyzing Amazon EKS specific activity.

Examples such as Kubernetes, API, method usage, container services, user behavior, and pod details.

It uses advanced correlation and graph-based analytics to investigate security findings from suspicious container images or container misconfigurations that may allow access to the underlying EC2 Nodes.

How To Prevent Ransomware Attacks

AWS Chief Information Officer CJ Moses

The topic that makes regular headlines, ransomware, seems to be the one that does that. How can you prepare yourself here?

Well, start by validating your critical processes well before an event. Testing things after bad things have already happened is the worst case. And invariably, they will have failed.

Run tabletop exercises prior: you don’t want to find out about a critical flaw on the plan during a real issue. And clearly, we have a few services that might be able to help you here.

Of course, use Amazon Inspector to detect vulnerabilities ahead of time; Amazon GuardDuty to detect anomalous activity; and finally, use the Vault feature of AWS Backup. If your own admins can alter or delete data, neither can the attacker, right?

New Amazon GuardDuty Malware Protection

AWS Platform VP Kurt Kufeld

Another launch happening today is GuardDuty Malware Protection. This applies to Amazon EC2 instances and container workloads backed by EBS, or Amazon Elastic Block Storage.

When GuardDuty Malware Protection feature is enabled and detects suspicious activity on a workload, it takes a snapshot of the associated EBS album in parallel to the workload that’s going on.

It then analyzes that with compute the runs in the AWS service account, not your account, so as not to disturb the workload or requiring any agents or security software to be deployed inside your workload.

When malware is detected, GuardDuty Malware Protection automatically sends additional contextualize malware findings to GuardDuty console, AWS Security Hub, Amazon EventBridge and Amazon Detective, and describes the potential source of the suspicious activity.

New Security Competency For Partners

AWS Chief Information Officer CJ Moses

I’m excited to share with you that our AWS Partner Network has relaunched the security competencies category for perimeter protection, as well as for security partners.

That core security partner actually encompasses a full suite of consulting services within it. We want to assist customers in avoiding security jargon, so they can pinpoint that third party software to support them—all of course, validated by AWS.

Because our AWS Security Competency partners are critical to extending the benefits of AWS, we took customer feedback to do a global redesign.

So that competency is now organized into eight categories that address over 40 unique customer security use cases, including software and professional service support.

They’re also new categories for threat detection and response, as well as for clients and privacy.

Software Security Competency partners successfully underwent a rigorous technical and operational validation process with AWS security experts. … These are things that we like to do to make sure that we have confidence in everything that we’re providing to our joint customers.

New MSSP Specializations

AWS Chief Information Officer CJ Moses

Our Level One MSSP Competency partners have also made some enhancements.

Now customers can find third party support for software, professionally and managed services. These have also been validated by our AWS security experts and are available on the AWS Marketplace.

Critically, our Level One MSSP category features AWS validated offerings. I’d say 24-by-7 is a nice number for availability and that’s exactly what you get with these.

We’re also the first cloud provider to launch a baseline quality standard Partner Program with Level One Managed Security Services and associated Level One MSSP Competency.

We’re introducing six new 24-by-7 managed security specialization categories to address customer requests for even more support.

We hear the need, and we’re here to support you in that.