AWS Security Essentials

Are you using or moving to AWS? Have you considered how you organize and secure your AWS environments? The growing push to cloud providers has allowed us to move faster and tackle problems more efficiently. The same freedoms that have allowed us to move faster have also created scenarios where security issues are exposed by accident and/or without proper management and review. As companies move toward more and more cloud usage, teams are pushed harder to ensure the same compliance and security requirements that exist in slower moving private environments. This has the potential to put us right back where we came from.

Join Aaron as he talks through the most critical security decisions you can make for you AWS environments. He will identify issues and solutions in an automation friendly fashion that aim to fit seamlessly into the development and deployment lifecycle. This session will cover the following topics:

  • Account provisioning and IAM
  • Credential management
  • VPC setup and network design
  • AWS services that boost your security posture
  • Auditing AWS configurations to find security holes
  • Creating a robust CI pipeline that ensures no obvious security holes are present within your environments

In addition to these topics a heavy emphasis on both platform and server automation will be included. Please note that this session is heavily tuned to people using Amazon Web Services. If you are using another Cloud provider the ideas will still be relevant, but not all solutions will be available for your provider.


Aaron Bedra

About Aaron Bedra

Aaron Bedra is a Senior Engineer at DRW, where he works at the intersection trading and technology. He has served as a Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.

More About Aaron »