SECURITY EDITION
April 10, 2026
Computer History Museum
0 0 0
00
Days
00
Hours
00
Minutes
00
Seconds
AWS Community Day
About AWS Community Day
Security isn't just a "nice to have"—it's the foundation of everything we build.
The cloud is moving faster than ever. With the rise of Generative and Agentic AI, the stakes for security have never been higher. A single misconfiguration in your Amazon Bedrock setup or an over-privileged AI agent can lead to a data breach at machine speed.
Join us at the AWS Community Day Bay Area for a day dedicated to education, awareness, and community. We're moving past the hype and into the utility phase—learning how to build secure-by-design AI workloads and leveraging AI-driven tools to protect our infrastructure.
Why you should be at the AWS Community Day
Security for AI: Learn to harden your AI workloads and secure the LLM supply chain.
AI for Security: See how autonomous agents and Amazon Q help detect and remediate threats before they escalate.
Expert-Led Learning: Dive into technical workshops and hands-on labs that go beyond the basics.
The Bay Area Network: Connect with industry leaders and fellow enthusiasts who are building the next generation of the cloud.
Whether you're an experienced architect or a cloud newcomer, join us to make your skills—and our world—smarter, safer, and more connected.
KEYNOTE SPEAKERS
Christopher Rae: Head of AI Security Go-to-Market, AWS
Christopher Rae leads AI Security Go-to-Market for the AWS Worldwide Specialist Organization, where he defines global strategy for securing AI workloads and advancing AI-powered security capabilities. His work focuses on helping customers adopt AI on AWS securely by embedding secure-by-design and defense-in-depth principles across services such as Amazon Bedrock, Amazon SageMaker, Amazon Q, and open-source AI solutions.
With deep expertise spanning cybersecurity, artificial intelligence, and emerging technologies, Christopher brings a rare blend of technical architecture and business strategy. He is a frequent advisor, speaker, and thought leader on AI security, engaging with executive leadership, field teams, and the broader community to turn security into a competitive advantage while enabling innovation at scale.
Sarah Currey: Principal Practice Manager for AWS Security
Sarah Currey is a Principal Practice Manager for AWS Security, where she works closely with AWS leadership to shape and strengthen security practices, culture, and strategy across the organization. Partnering directly with the AWS Security VP, Sarah focuses on building long-term security programs that protect customers and internal teams while fostering a blame-free, learning-driven security culture.
Her work spans three core areas: developing forward-looking security strategy and leadership capability, building scalable mechanisms that improve security readiness and resilience, and driving meaningful community impact through security initiatives and sponsorships. With a deep commitment to continuous improvement and innovation, Sarah brings a practical, human-centered perspective to security that resonates far beyond technology alone.
DISTINGUISHED SPEAKERS
Brandon Carroll
AWS
Securing AWS Network Traffic: Network Firewall & DNS Firewall Workshop [Intermediate]
Hands-on workshop implementing defense-in-depth network security with AWS Network Firewall and Route 53 DNS Firewall. Secure egress traffic, prevent lateral movement, analyze C2 scenarios, and implement TLS inspection with Suricata rules and AWS managed threat intelligence.
View in Agenda
Ishneet Kaur Dua
Senior Solutions Architect @AWS
Securing Large Language Models: Best Practices for Prompt Engineering and Mitigating Prompt Injection Attacks [Beginner]
Security guardrails for mitigating prompt injection attacks in LLMs. Covers authentication, encryption, and optimized prompt designs to improve reliability and trustworthiness of AI outputs while enabling responsible AI practices.
View in Agenda
Josh Grant
SMS Data Products
Baked to Best Practice: Securing Secrets in Amazon ECS [Beginner]
Examine four common patterns for getting secrets into ECS containers. From anti-patterns (baked images, plaintext env vars) to ECS native secrets injection and application-level retrieval. Understand which threats each pattern addresses and choose the right approach.
View in Agenda
Manas Satpahti
Principal Technical Account Manager @ AWS
Simplify Security Events Log Analysis with Amazon Q [Advanced]
Build security apps with Amazon Q to analyze AWS accounts for compliance. Centralize security logs from AWS services and analyze using an intuitive chatbot interface with natural language queries.
View in Agenda
Masoom Tulsiani
European Commission
Automating Security Posture at Scale using Security Hub [Advanced]
Drowning in security alerts from CVE Scans & EKS audit logs? Learn to build a global central security posture using AWS Security Hub, Security Lake, EventBridge, Lambda, GuardDuty, and Inspector. Normalize findings, optimize queries, and automate remediation.
View in Agenda
Oleksandr Kuzminskyi
InfraHouse
ISO 27001 on AWS: Building Compliance Into the Architecture [Intermediate]
Build ISO 27001 compliance into AWS architecture from day one. AWS Control Tower, IAM Identity Center with MFA, KMS encryption, centralized logging. Use Security Hub as a live compliance scorecard with CIS Foundations Benchmark. Everything in Terraform, reviewed in PRs.
View in Agenda
Pham Nguyen Hai Anh
G-AsiaPacific Vietnam, AWS Community Builder (Security)
GenAI-Powered Auto Audit for AWS Workload [Advanced]
AI-powered automated audit framework for FSI compliance. Transcends AWS native limitations by mapping unsupported security standards (ISO 27001:2022, PCI-DSS v4.0) into audit rules. Uses Cloud Control API for comprehensive resource coverage. Dramatically reduces manual effort while improving compliance accuracy.
View in Agenda
Parth Girish Patel
Sr AI/ML Architect @ AWS
Securing Large Language Models: Best Practices for Prompt Engineering and Mitigating Prompt Injection Attacks [Beginner]
Security guardrails for mitigating prompt injection attacks in LLMs. Covers authentication, encryption, and optimized prompt designs to improve reliability and trustworthiness of AI outputs while enabling responsible AI practices.
View in Agenda
Peter Sankauskas
AWS Community Hero @ Answers for AWS
Everything you didn't want to know about IAM [Beginner]
Debug those "not authorized to perform" errors! Learn how IAM is designed, different types of policies and when they're useful. Leave with techniques for understanding and fixing access issues.
View in Agenda
Sandeep Mohanty
Sr. Solutions Architect @ AWS
Simplify Security Events Log Analysis with Amazon Q [Advanced]
Build security apps with Amazon Q to analyze AWS accounts for compliance. Centralize security logs from AWS services and analyze using an intuitive chatbot interface with natural language queries.
View in Agenda
Satish Jipster
Security specialist at SNOW Upgrade
Securing Generative AI applications using AWS Services [Business Focused]
Secure GenAI apps with AWS tools: IAM, KMS, SageMaker for secure development. Covers encryption, VPCs, AWS Shield, WAF, CloudWatch monitoring, and Audit Manager compliance. Build secure, scalable AI applications on AWS.
View in Agenda
Shivansh Singh
Technical Leader, AWS Solutions Architecture
From Prototype to Production: Spec-Driven Development with Kiro [Advanced]
Move beyond "vibe coding" to structured development with Kiro's agentic IDE. Learn spec-driven development with requirements, designs, and tasks. Property-based testing, checkpointing, and Kiro Powers help teams ship faster while maintaining quality.
View in Agenda
Stefano Amorelli
OWASP GenAI Security Project
Applied OWASP Top 10 ASI on AWS Strands [Advanced]
Hands-on agentic AI security using AWS Strands Agents SDK. Walk through OWASP Top 10 agentic risks including goal hijacking, tool misuse, MCP supply chain vulnerabilities, memory poisoning, and insecure inter-agent communication with live demos.
View in Agenda
Teri Radichel
Founder/ Principal Pentester, Researcher, Author
Threat Modeling a Batch Job System on AWS [Advanced]
Walk through threats, mitigations, and unpublished developments for deploying and running batch jobs securely in a production AWS environment. Learn from real pentesting experience with tools like Prowler.
View in Agenda
AGENDA
| Time | Session Details | |||
|---|---|---|---|---|
Morning Sessions | ||||
08:00 AM - 4:00 PM | Badge pick up, Assisted Registration, Information Desk - Grand Lobby | |||
08:30 AM - 09:20 AM 50 minutes | Breakfast and Networking - Grand Hall Closes 10 minutes before Keynote. | |||
09:30 AM - 10:00 AM 30 minutes | Welcome, Introductions and Sponsors Parade - John Varghese - AWS Hero - Hahn Auditorium | |||
10:00 AM - 10:45 AM 45 minutes | Keynote - Everything starts with Security - Christopher Rae, Sarah Currey - Hahn Auditorium | |||
10:45 AM - 11:15 AM 30 minutes | Tea/coffee break and Networking - Grand Hall Sponsored by AWS | |||
Tracks | Hahn Auditorium | Lovelace | Boole | Glass rooms |
11:15 AM - 11:45 AM 30 minutes | GenAI Auto Audit for AWS --Pham Nguyen Hai Anh | OWASP Top 10 for Agentic AI --Stefano Amorelli | Securing Secrets in ECS --Josh Grant | Builder Cards --Shivansh Singh |
11:50 AM - 12:30 PM 40 minutes | Spec-Driven Development with Kiro --Shivansh Singh | |||
12:20 PM - 1:20 PM 1 hour | Lunch and Networking - Grand Hall SPONSORS WANTED!! Also Brain Date | |||
Post Lunch Sessions | ||||
Tracks | Hahn Auditorium | Lovelace | Boole | Brain Date topics |
1:30 PM - 1:55 PM 25 minutes | Workshop: Network Firewall & DNS Firewall 120 minutes - continues through tea break --Brandon Carroll | Threat Modeling Batch Jobs --Teri Radichel | Securing GenAI with AWS --Satish Jipster | Brain Date --Conference Attendees |
2:00 PM - 2:25 PM 25 minutes | ISO 27001 on AWS --Oleksandr Kuzminskyi | |||
2:30 PM - 2:55 PM 25 minutes | Afternoon Tea break SPONSORS WANTED!! Also Brain Date | |||
3:00 PM - 3:25 PM 25 minutes | Security Hub at Scale --Masoom Tulsiani | Securing LLMs --Parth Patel and Ishneet Dua | Open Discussion | |
3:30 PM - 3:55 PM 25 minutes | Security Log Analysis with Amazon Q --Manas Satpathi & Sandeep Mohanty | IAM Deep Dive --Peter Sankauskas | Open Discussion | |
3:55 PM - 4:05 PM 10 minutes | Raffle & Closing Note - Hahn Auditorium | |||
Platinum Sponsors
AWS
Amazon Web Services (AWS) is the secure foundation for the global cloud, providing over 200 fully featured services designed to meet the most stringent security requirements of the world's leading organizations. For this Security Edition, AWS is highlighting the shift to autonomous defense, featuring new AI Security Agents and the Amazon Bedrock AgentCore to proactively neutralize threats before they reach production. By integrating zero-trust architectures and automated remediation into every layer of the stack, AWS empowers the community to innovate with "Shielded Velocity," ensuring that the fastest-growing startups and largest enterprises alike remain secure by design.
Gold Sponsors
Workato
Workato is the first Production-Ready Agentic Hub, offering a battle-tested implementation of the Model Context Protocol (MCP) that allows AI agents to securely trigger actions across 1,200+ systems today. While legacy platforms are still navigating "agentic roadmaps," Workato's Agent Studio already powers autonomous workflows with built-in identity propagation and "secure-by-default" encryption. By transforming static APIs into intelligent, callable skills in minutes, Workato is winning the race to define the infrastructure of the AI-driven enterprise.
Silver Sponsors
COMMUNITY PARTNERS
Venue
Computer History Museum
1401 N Shoreline Blvd,
Mountain View, CA 94043
Contact Us
We are always happy to hear from you. You can reach us for sponsorship enquires, topic proposals, ticketing, feedback or any general question on AWS Community Day, please drop an email to john@lookitupforme.com
Policies