SECURITY EDITION

April 12, 2024

Computer History Museum

0 0 0

00

Days

00

Hours

00

Minutes

00

Seconds

About

Speakers

Agenda

Volunteers

Sponsors

Venue

Contact Us

Register

About

Speakers

Agenda

Volunteers

Sponsors

Venue

Contact Us

AWS Community Day

About AWS Community Day

The world would be such a better place if everyone took information security seriously. Simple misconfigurations and poor security hygiene can lead to catastrophic losses. Education and awareness are the keys to avoiding such disasters.

This Community Day, let's pledge to learn something new, or to make a new friend in the community, or find a security management tool to help us make the world a better place.

The AWS Community Day features expert-led talks, technical workshops, hands-on labs, and networking opportunities with industry leaders and fellow enthusiasts from around the globe. Whether you're an experienced professional or a newcomer in the world of AWS, come join us. Be part of the movement to create a better, smarter, and more connected world.

Topics at the AWS Community Day

Security Governance
Security Assurance
Identity And Access Management
Threat Detection
Vulnerability Management
Infrastructure Protection
Data Protection
Application Security
Incident Response

KEYNOTE SPEAKER

Peter M. O’Donnell - Principal Solutions Architect, Security at AWS

Peter M. O’Donnell - Principal Solutions Architect, Security at AWS

Meet Peter M. O’Donnell, our esteemed keynote speaker for the AWS Community Day. Peter is an AWS Principal Solutions Architect, specializing in security, risk, and compliance with the Strategic Accounts team. He supports some of AWS’s largest and most complex strategic customers in security and security-related topics, including data protection, cryptography, identity, threat modeling, compliance, CISO engagement, and more.

A former Unix sysadmin turned risk management consultant, Peter joined AWS as an enterprise solutions architect in 2015 and was dedicated to a major US bank to support their journey to go all-in on the cloud. In 2019, he transitioned to a security specialist SA role where he has built deep technical relationships with security teams and CISOs helping to keep them safe and secure on AWS. He holds the Solutions Architect Professional, DevOps Engineer Professional, and Security Specialty AWS certifications. He also received a bachelor of science in computer information systems from American University and an MBA from George Washington University.

DISTINGUISHED SPEAKERS

I want to be a speaker!
Data Architect @ AWS

Ajjay Govindaram

Data Architect @ AWS

Responsible AI and Security in the generative era: Science and practice

The rapid growth of generative AI brings promising innovation and, at the same time, raises new challenges around its security, safe, and responsible development and use. These challenges include some that were common before generative AI, such as bias and explainability, and new ones unique to generative models, including hallucinations, toxicity, and intellectual property protection. During this session, participants will gain an overview of the challenges that generative AI presents, survey the emerging science surrounding these challenges, and engage in a discussion about the hands-on, security, and Responsible AI work currently being conducted on AWS.

View in Agenda
Partner Solutions Architect @ AWS.

Babak Parvizi

Partner Solutions Architect @ AWS.

Enabling SaaS Networking, Routing and Security Using Amazon VPC Lattice

Transitioning to a software-as-a-service (SaaS) model often involves managing multiple AWS accounts and Virtual Private Clouds (VPCs), posing challenges in service deployment, communication, and security across diverse compute options like serverless, containers, and instances. These complexities can hinder operational efficiency and agility for SaaS organizations in a competitive landscape. However, Amazon VPC Lattice offers a solution by simplifying the networking experience in a multi-tenant environment, enabling seamless connection, security, and management across any compute option, account, and VPC. This innovative approach eliminates the hurdles of VPC peering, transit gateways, and CIDR block overlaps, enhancing flexibility, security, and speed. This talk dives into utilizing VPC Lattice to streamline network connectivity, security, and monitoring in a multi-account, multi-VPC SaaS setup to drive efficiency for your SaaS organization.

View in Agenda
Developer Relations @ AWS.

Banjo Obayomi

Developer Relations @ AWS.

Building with Generative AI on AWS using PartyRock, Amazon Bedrock, and Amazon Q (Laptop Required)

Workshop: Learn to build generative AI applications on AWS using PartyRock and Amazon Bedrock. You will gain skills in prompt engineering and using the Bedrock API. We will also explore how to 'chat with your documents' through knowledge bases, retrieval augmented generation (RAG), embeddings, and agents. We will also use next generation developer tools Amazon Q and Amazon CodeWhisperer to assist in coding and debugging. You will be provided an AWS account to go through this workshop. Some familiarly with using services such as AWS Lambda and writing Python code is helpful. No AI/ML experience is necessary. This workshop is intended to be finished within 2 hours.

View in Agenda
Principal Developer Advocate @ AWS

Gunnar Grosch

Principal Developer Advocate @ AWS

Developer Mindset: Embracing GitOps for Network Security and Compliance

As modern cloud-native applications evolve, the traditional network testing and security compliance in infrastructure deployments often struggle to keep up. In this talk we will discuss how leveraging GitOps and Generative AI allows for automated consistent network testing, security compliance enforcement, validation testing and standardization of infrastructure deployments across an organization.

View in Agenda
Senior Solutions Architect @AWS

Ishneet Kaur Dua

Senior Solutions Architect @AWS

Responsible AI and Security in the generative era: Science and practice

Panelist. Senior Solutions Architect based in the San Francisco Bay Area. She helps AWS enterprise customers grow by understanding their goals and challenges, and guides them on how they can architect their applications in a cloud-native manner while ensuring resilience and scalability. She is passionate about generative AI, Ethical and Responsible AI, machine learning technologies and environmental sustainability.

View in Agenda
Technical Evangelist @ StrongDM.

John Martinez

Technical Evangelist @ StrongDM.

Real-world Authorization

Authorization policy languages like AWS Cedar and OpenFGA have opened up the world to implementing fine-grained access controls in your own applications. This is great for your API gateways, but what about the mission-critical infrastructure your Cloud, IT and security staff need to support and secure every day? How can IAM admins provide modern, fine-grained authorization to the databases, k8s clusters, and servers that host our digital kingdoms? Let's talk about: - The state of authorization in 2024 - Beyond Least Privilege: Continuous authorization and where it fits in your security strategy - You’re not thinking small enough: Fine-grained permissions - Cedar policies and the power of simplicity - Where do we go next from here?

View in Agenda
Author and Entrepreneur.

John Willis

Author and Entrepreneur.

Augmenting Intelligence: Deming's Legacy and the Future of Generative AI

Recently, I published a book about Dr. Edwards Deming called Deming’s Journey to Profound Knowledge. You know who Dr. Deming is if you don’t already. Many consider him the progenitor of agile, lean, and DevOps. Let me let you read the book. I was finishing my book as ChatGPT was launching on the tech scene. My book helped me learn how to train and use Large Language Models (LLMs). This presentation provides a detailed overview of the data strategies for training or, more specifically, augmenting an LLM. I will give an overview of the current Generative AI landscape, including vector databases, LLM orchestration, foundational LLMs, and LLM testing and observability. I will be demonstrating actual code examples if the demo gods are forgiving.

View in Agenda
Global Technologist @ Veeam

Julia Furst Morgado

Global Technologist @ Veeam

You're Hit by a Ransomware Attack, What's Next?

Ransomware is the buzzword of the day, and in this talk, Julia Furst Morgado from Veeam will address what happens when an organization is hit by a ransomware attack. The talk will focus on immediate and long-term steps an organization should take in response to such an attack. It will also cover preventive measures and best practices for ransomware protection. This session is aimed at business-focused professionals, providing them with practical advice and strategies to deal with ransomware threats.

View in Agenda
Principal TAM @ AWS.

Manas Satpathi

Principal TAM @ AWS.

Architecture patterns to Auto-Remediate AWS Trusted Advisor Critical Security Findings

Are you looking to optimize your AWS resources and ensure best practices are followed? Join us for an insightful dive deep session into the world of AWS Trusted Advisor and how you can leverage it to streamline your operations. Learn how you can benefit by implementing architecture patterns to auto-remediate best practice deviations detected by AWS Trusted Advisor, respond quickly to security vulnerabilities and continue to optimize your AWS environment!

View in Agenda
Cloud Security Architect @ Check Point

Marlon Chung

Cloud Security Architect @ Check Point

Securing APIs in the Modern Cloud

APIs have emerged as one of the most important parts of the modern Internet. Many services use APIs to implement modularity or expose various functions to their users. However, APIs also face significant security threats as 84% of the Global Internet traffic is based on API's. In addition to common threats related to web applications, APIs also have their own dedicated list of potential vulnerabilities. Some API security best practices that can help to manage these security risks are Authentication and Authorization, Zero-trust access management, Monitor and alert on anomalous activity and many more. These API security best practices helps to protect valuable components of an IT infrastructure. Join my session as I share with the journey of API's, their impact on the modern cloud and securing your API's.

View in Agenda
Chief Cloud Security Architect @ Xebia

Michal Brygidyn

Chief Cloud Security Architect @ Xebia

Cloud Hacking Scenarios

You’ve been hearing a lot about security best practices in the cloud, but have you ever seen them broken? This talk goes through various security scenarios in the cloud, showing how an attacker could potentially compromise a poorly configured cloud environment. The session will cover the common mistakes made when setting up cloud environments and demonstrate how these can be exploited. Attendees will learn about the importance of following best practices in cloud security and how to avoid becoming a victim of these common security issues.

View in Agenda
Senior Solutions Architect @AWS

Parth Patel

Senior Solutions Architect @AWS

Responsible AI and Security in the generative era: Science and practice

Panelist. Solutions Architect at AWS in the San Francisco Bay Area. Parth guides customers to accelerate their journey to the cloud and help them adopt and grow on the AWS Cloud successfully. He focuses on machine learning, environmental sustainability, and application modernization.

View in Agenda
AWS Community Hero @ Answers for AWS

Peter Sankauskas

AWS Community Hero @ Answers for AWS

AWS Control Tower: How to adopt it

AWS Control Tower can is a great tool for a growing organization to manage their AWS accounts. In this session, Peter Sankauskas will provide insights into how to adopt AWS Control Tower for your organization. He will discuss its benefits, potential pitfalls, and best practices for implementation. This session is particularly useful for organizations looking to scale their AWS usage efficiently and securely. Attendees will gain practical knowledge on how to leverage AWS Control Tower to manage their cloud infrastructure effectively.

View in Agenda
AWS Security Hero & Security Engineer

Richard Fan

AWS Security Hero & Security Engineer

When Data Collaboration Meets Privacy: Privacy-Preserving Data Analysis on the Cloud

With the boom of data generated on the cloud, collaboration around this data is becoming increasingly important. However, privacy concerns are a major obstacle. This talk explores the intersection of data collaboration and privacy, focusing on privacy-preserving data analysis techniques on the cloud. Attendees will learn about different methods and tools available to ensure data privacy while enabling effective data collaboration. This talk is especially relevant for organizations that deal with sensitive data and need to balance collaboration with privacy.

View in Agenda
Head of Products @ Heimdall Data

Roland Lee

Head of Products @ Heimdall Data

Managing Database Roles with Active Directory/LDAP for SOX Compliance

For Amazon RDS / Redshift, Enterprises use Active Directory / LDAP to centralize user authentication and group membership. But this presents two challenges: • SOX (Sarbanes Oxley) and SoD (Segregation of Duties) non-compliance, as security teams lose visibility and control of data access. • Databases have to be preconfigured with users and roles, increasing IT management burden. In this session, we will discuss ways to secure data access for SOX and SoD compliance, while removing the need data teams to manage the user credentials and roles.

View in Agenda
Sr. Solutions Architect @ AWS.

Sandeep Mohanty

Sr. Solutions Architect @ AWS.

Architecture patterns to Auto-Remediate AWS Trusted Advisor Critical Security Findings

Are you looking to optimize your AWS resources and ensure best practices are followed? Join us for an insightful dive deep session into the world of AWS Trusted Advisor and how you can leverage it to streamline your operations. Learn how you can benefit by implementing architecture patterns to auto-remediate best practice deviations detected by AWS Trusted Advisor, respond quickly to security vulnerabilities and continue to optimize your AWS environment!

View in Agenda
Head of Marketing & Developer Relations @ Skyflow

Sean Falconer

Head of Marketing & Developer Relations @ Skyflow

The Data Cloud's Cheese and Diamond Problem

In the backends of many products, there’s a users database table or equivalent containing user data like names, emails, phone numbers, and addresses. This data is treated and protected as any other application data. A security perimeter is put around it, but from within the perimeter, applications and sometimes employees have full access. Treating users' PII data like any other application data is a fundamentally flawed design choice. User data is special and must be treated that way. Just as I don’t store my diamonds in the refrigerator with my cheese, user data doesn’t belong in your application storage intermixed with your other data. It must be isolated and protected. In this talk, we explore this topic in detail, making a case that the only way to stop the epidemic of data breaches and meet consumer and regulatory demands for data privacy is to fundamentally change our mindsets about how to store and manage PII.

View in Agenda

AGENDA

TimeSession Details
Morning Sessions
08:00 AM - 4:00 PM
Badge pick up, Assisted Registration, Information Desk - Grand Lobby
08:30 AM - 09:30 AM
1 hour
Breakfast and Networking - Grand Hall
09:30 AM - 10:00 AM
30 minutes
Welcome, Introductions and Sponsors Parade - John Varghese, AWS Hero - Hahn Auditorium
10:00 AM - 10:45 AM
45 minutes
Keynote - Security in the age of Gen AI - Peter M. O’Donnell - Principal Solutions Architect, Security at AWS - Hahn Auditorium
10:45 AM - 11:15 AM
30 minutes
Tea/coffee break and Networking - Grand Hall Sponsored by AWS
Tracks
Hahn Auditorium
Lovelace
Boole
11:15 AM - 11:55 AM
40 minutes
Cloud Hacking Scenarios

--Michal Brygidyn

Architecture patterns to Auto-Remediate AWS Trusted Advisor Critical Security Findings

--Manas Satpathi, Sandeep Mohanty

Augmenting Intelligence: Deming's Legacy and the Future of Generative AI

--John Willis

12:00 AM - 12:25 noon
25 minutes
When Data Collaboration Meets Privacy: Privacy-enhancing Technologies on AWS

--Richard Fan

You're Hit by a Ransomware Attack, What's Next?

--Julia Furst Morgado

Securing APIs in the Modern Cloud

--Marlon Chung

12:30 noon - 1:30 PM
1 hour
Lunch and Networking - Grand Hall SPONSORS WANTED!!
Post Lunch Sessions
Tracks
Hahn Auditorium
Lovelace
Boole
1:30 PM - 1:55 PM
25 minutes
Managing Database Roles with Active Directory/LDAP for SOX Compliance

--Roland Lee

AWS Control Tower: How to adopt it

--Peter Sankauskas

The Data Cloud's Cheese and Diamond Problem

--Sean Falconer

2:00 PM - 2:25 PM
25 minutes
Developer Mindset: Embracing GitOps for Network Security and Compliance

--Gunnar Grosch

Real-world Authorization

--John Martinez

Enabling SaaS Networking, Routing and Security Using Amazon VPC Lattice

--Babak Parvizi

2:30 PM - 2:55 PM
25 minutes
Afternoon Tea break SPONSORS WANTED!!
Tracks
Hahn Auditorium
Hahn Auditorium
Hahn Auditorium
3:00 PM - 3:45 PM
45 minutes
Panel Discussion: Security and Data Privacy - Implementing Responsible Practices on AWS
The rapid advancement of generative AI has sparked exciting new capabilities in content creation, personalization and more. However, without proper security and privacy safeguards, these powerful systems also carry risks like data exposure, algorithmic bias, and potential misuse. This panel brings together AWS experts in AI, cloud security and data governance to discuss best practices for developing responsible and trustworthy AI systems on AWS. Panelists will provide guidance on privacy-preserving data handling, securing access to sensitive training data, and auditing AI models for unintended bias. They will also share AWS services like PrivateLink, encryption, access controls, and SageMaker Clarify that can assist in keeping generative AI secure and ethical. Through an interactive moderated discussion and Q&A, attendees will learn actionable strategies for architecting private, trustworthy AI workflows spanning data collection, model development, and prediction serving. The panel will cover crucial lessons as companies leverage generative models and AWS AI services across diverse industries and applications. Attendees will take away implementation recommendations to build secure, compliant and responsible AI systems that earn customer trust.
Panelists: Ishneet Kaur Dua, Parth Patel
Moderator: Ajjay Govindaram
3:45 PM - 4:00 PM
15 minutes
Raffle & Closing Note - Hahn Auditorium

VOLUNTEERS

Platinum Sponsors

AWS

AWS

Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.

Gold Sponsors

Check Point

Check Point

The Leading Cyber Security Platform. Fueled by AI, the Check Point Infinity platform autonomously predicts and prevents attacks across networks, clouds, endpoints and devices. Explore our Network, Cloud, User and Access security products with a personalized demo from one of our security experts.

GitLab

GitLab

Software. Faster. GitLab is the most comprehensive AI-powered DevSecOps Platform.

Silver Sponsors

DNAnexus

DNAnexus

The world's most secure, trusted cloud platform and global network for scientific collaboration and accelerated discovery.


COMMUNITY PARTNERS

AWS Bay AreaBay Area InfracodersPublic Cloud SecurityAdvanced AWSAWS East Bay Official EventsData Science on AWS

Venue

Computer History Museum

1401 N Shoreline Blvd,

Mountain View, CA 94043