Caitlin Marco
By Caitlin Marco
Posted On November 20, 2017

Your AWS Re:Invent Survival Guide

AWS | Events

Our security team knows a thing or two about conquering a conference - making the most out of the day and night. So the team got together to share their personal recommendations on things to do and things to know in this handy Re:Invent Survival Guide.

We've got you covered on all things Re:Invent..

  • Getting Around - Walk times, shuttle locations and schedules
  • Where to Party - The full list of official and unofficial parties
  • Top Session Recommendations from Hands-On Training, Cloud Migration Sessions, Security Best Practices, DevOps and DevSecOps, Scaling, and Top Security Trends
  • Come Say Hi - Stop at our booth for shwag and prizes

GETTING AROUND

Knowing where to go is half the battle. Knowing how to get there is the game changer. Here's everything you need to get you where you need to be on time.

THE CAMPUS MAP:  https://reinvent.awsevents.com/campus/

WALKING TIMES: Walking is the easiest mode of transportation during Re:Invent, but if you want to walk, be prepared beforehand. Walking can take no less than 15 minutes in-between venues. Check out this reference chart to better plan your day:

Walking times.png


THE SHUTTLE SERVICE:

The Venetian is the hub for all shuttle services. Please allow yourself 30 minutes to travel between venues.


SHUTTLES RUN CONTINUOUSLY DURING THE FOLLOWING HOURS*

SUNDAY, NOV. 26

12:00PM — 1:30AM 

MONDAY, NOV. 27

6:00AM — 12:30AM 

TUESDAY, NOV. 28

6:00AM — 10:00PM 

WEDNESDAY, NOV. 29

6:00AM — 12:30AM

THURSDAY, NOV. 30

6:00AM — 12:30AM

FRIDAY, DEC. 1

6:00AM — 3:00PM 

Shuttle FAQ
*BELLAGIO SHUTTLES RUN ONLY DURING AM AND PM PEAK HOURS
(SUNDAY 10PM — 1:30AM, MONDAY — THURSDAY 6AM - 10AM &4PM 7:30PM, FRIDAY 6AM 10AM)

 

 

 

WHERE’S THE PARTY AT?

If you've had enough sessions, there are no shortage of things to do and we've got the 'Unofficial List of Parties' to keep you in the know.
http://reinventparties.com/

PARTIES YOU CAN'T MISS:

  • MIDNIGHT MADNESS – SUNDAY, NOV. 26 | 10:30PM – 1:00AM
  • WELCOME RECEPTION – MONDAY, NOV. 27 | 5:OOPM7:00PM
  • BROOMBALL – TUESDAY, NOV. 28 | 5:30PM7:30PM
  • PUB CRAWL  WEDNESDAY, NOV. 29 | 5:30PM – 7:30PM
  • re:PLAY PARTY – THURSDAY, NOV. 30 | 8:00PM – 12:00AM

 

TOP SECURITY SESSIONS

GET HANDS ON 

Security JAM

Join us for a day-long jam investigating and creating AWS native security solutions. Can you identify what went wrong? What would you do differently? Can architect with multiple AWS services to prevent it from happening again? Take part in a cloud version of whoddunit!  You will have the chance to tackle a series of Security Challenges using a wide range of AWS Services, from security analytics, hardening, remediation, to incident response and recovery! AWS and sponsors will provide all infrastructure required to take part in this gamified event where you compete to score points. Teams will be formed on the day.  You just need to bring you laptop. No specific domain knowledge required but a base of general knowledge of how to use the AWS platform is recommended. We will have AWS experts on hand to help. 

Session Room Venue: LINQ
Session Type: Hackathon

Building Serverless Compliance-as-Code (Tuesday + Wednesday)

Compliance-as-code is the concept of automating the evaluation of recorded configurations against desired configurations, from a security and well-architected perspective. Building Serverless Compliance-as-Code is a full-day, advanced-level bootcamp designed to teach you how to use, read, and write compliance-as-code to keep an AWS environment secure and optimized. Following hands-on practice, the day will conclude with a tournament. The goal is to build innovative compliance-as-code to be made available to millions of AWS customers on the AWS public Github.

Session Room Venue: Mirage
Session Type: Bootcamp

 

 

SECURITY AND AWS

Securing Your Applications and Data on AWS

Shared responsibility in the cloud means that, while AWS is responsible for the security of the cloud, you are responsible for the security of the applications and data you place in the cloud. Sophos can help. Sophos UTM provides added layers of security to help protect your AWS environment with an all-in-one solution. Get granular controls: logging and reporting with stateful traffic inspection and control, intrusion prevention system (IPS), layer-7 application control, VPN connectivity, and a web application firewall (WAF). Manage it all with an easy-to-use web-based management console. In the session, Sophos illustrates how UTM on AWS can help prevent your cloud-based, web applications from becoming infected with malware, and how it can help prevent that infection from spreading.

Who’s Talking? Jorn Lutters - Security Architect, Sophos
Session Room Venue:  Venetian
Session Type:  Demo Session
Track:  Demo Theater

 

Stop Wasting Your Time: Focusing on Security Practices That Actually Matter

There is a lot of talk about cybersecurity. Between the sheer number of vendors and daily news coverage about the latest breach, it’s easy to feel like you don’t know where to start. Not to mention it’s nearly impossible to keep up with the pace of tech evolution, like cloud infrastructure, containers, or the latest configuration tool. Nevertheless, you’re challenged with protecting your organization from intrusion, insider threats, and data loss. In this talk, Sam Bisbee, Threat Stack’s CSO, helps you understand how to calculate your organization's risk, devise a realistic defense strategy for your cloud workloads, and take action using both built-in and other tools. 

Who’s Talking? Sam Bisbee - CTO & CSO, Threat Stack, Inc.
Session Room Venue:  Venetian
Session Type:  Demo Session
Track:  Demo Theater

How FINRA Secures Its Big Data and Data Science Platform on AWS

FINRA uses big data and data science technologies to detect fraud, market manipulation, and insider trading across US capital markets. As a financial regulator, FINRA analyzes highly sensitive data, so information security is critical. Learn how FINRA secures its Amazon S3 Data Lake and its data science platform on Amazon EMR and Amazon Redshift, while empowering data scientists with tools they need to be effective. In addition, FINRA shares AWS security best practices, covering topics such as AMI updates, micro segmentation, encryption, key management, logging, identity and access management, and compliance.

Who’s Talking?
Vincent Saulys - Senior Director, FINRA

David Yacono - Senior Director, Cyber & Information Security, FINRA
Session Room Venue:
 Aria
Session Type:  Breakout Session
Track:  Analytics & Big Data
Session Level:  Advanced (300 level)

Enabling Enterprise-Grade Security, Risk, and Compliance Posture in the Cloud

The AWS Security, Risk, and Compliance Simulation takes mixed teams of security management, IT, and Business leaders through an experiential exercise that highlights key decision points to enable a secure cloud journey. This team-based exercise uses gamification techniques to work through an industry case study that requires your team to make critical decisions and investment choices. Participants also experience the impact of these investments and decisions on critical aspects of their secure cloud adoption. From the simulation, gain an understanding of the major success factors to building security, risk, and compliance in the cloud, and how to apply similar decision and investment approaches to your specific cloud adoption journey. The simulation is best suited to participants who are key to executing your cloud security strategy, ranging from security management and risk management, to decision-makers from Legal and Compliance and the business side. Attendees should have some role in the cloud security strategy for their company. 

Who’s Talking?
Gili Lev - Sr Security Transformation Lead, AWS

Steven Laino - Security Architect
Chad Schieken - Practice Manager
Tim Anderson - Program Manager, Security & Compliance, AWS
Clarke Rodgers - Cloud Executive Security Advisor
Session Room Venue:  MGM
Session Type:  Workshop
Track:  Enterprise
Session Level:  Introductory (200 level)

  

Walking the Tightrope: Balancing Innovation, Reliability, Security, and Efficiency on the Cloud

At Netflix, we make explicit tradeoffs to balance our four key focus domains of innovation, reliability, security, and efficiency to ensure our customers, shareholders, and internal engineering stakeholders are happy. In this talk, learn the strategies behind each of our focus domains to optimize for one without detracting from another.

Who’s Talking? Coburn Watson - Director - Reliability, Performance, and Cloud Infrastructure, Netflix, Inc
Session Room Venue:  Venetian

Session Type:  Breakout Session
Track:  Architecture
Session Level:  Introductory (200 level)

 

 

MIGRATING TO AWS

Addressing Your Business Needs with AWS

In this collaborative workshop facilitated by the AWS Solutions Builder team, you share your solutions-related knowledge and visions in areas such as networking, security, migration, big data, mobile. As each team works through the exercise, you discuss ideas, give advice, and share challenges when building on AWS. You also identify the supporting resources and collateral you used or would like to see available. Each team has the opportunity to summarize and present their experience to the group. This is a great opportunity to collaborate with existing and prospective AWS users to validate your thinking and direction with AWS peers, review existing AWS solution offerings, discuss the resources that aid AWS solution design, and give direct feedback on your experience building solutions on AWS. Come prepared to share specific business problems that you have solved or would like to solve, questions or advice for building solutions, or any pain points you encountered during the process.

Who’s Talking?  Kevin Volk - Sr. Program Manager, AWS
Session Room Venue:  Venetian

Session Type:  Workshop
Track:  Architecture
Session Level:  Introductory (200 level)

 

 

SCALING

Manage Infrastructure Securely at Scale and Eliminate Operational Risks

Managing AWS and hybrid environments securely and safely while having actionable insights is an operational priority and business driver for all customers. Using SSH or RDP sessions could lead to unintended or malicious outcomes with no traceability. Learn to use Amazon EC2 Systems Manager to improve your security posture, automate at scale, and minimize application downtime for both Windows and Linux workloads. Easily author configurations to automate your infrastructure without SSH access, and control the blast radius of configuration changes. Get a cross-account and cross-region view of what’s installed and running on your servers or instances. Learn to use Systems Manager to securely store, manage, and retrieve secrets. You can also run patch compliance checks on the fleet to react to malware and vulnerabilities within minutes, while still providing granular control to users with different privilege levels and full auditability. You will hear from FINRA, the Financial Industry Regulatory Authority, on how they use  Systems Manager to safely manage their Enterprise environment.

Who’s Talking?
Sandy Ramamoorthy - Manager, Product Management, EC2 Systems Manager, Amazon

Ananth Vaidyanathan - Sr. Product Manager, Amazon Web Services
Daniel Koo - Senior Director, FINRA
Session Type:  Breakout Session
Track:  Devops
Session Level:  Advanced (300 level)

Managing Multiple AWS Accounts at Scale

Are you running multiple workloads in AWS and growing? Are you looking for best practices to help you manage your accounts as you scale? In this workshop, we explore various strategies to manage your growing AWS account portfolio. We explore best practices around security, including creating accounts for Identity and Access Management (IAM), logging and shared services, and implementing federated access and single sign-on (SSO). From a cost-management perspective, we review best practices surrounding account creation for business units, environment lifecycle, and individual projects. Some of the services we use in this workshop include AWS Organizations, AWS CloudTrail, IAM.

Who’s Talking?
Shahbaz Alam - Practice Manager, AWS Professional Services, AWS

Prakash Palanisamy - Solutions Architect, Amazon Web Services
Session Room Venue:  Venetian
Session Type:  Workshop
Track:  Architecture
Session Level:  Advanced (300 level)

 

 

DevOps + DevSecOps

Taking DevOps Closer to the AWS Edge

Since last year’s ‘Taking DevOps to the Edge’, and with the introduction of AWS Lambda@Edge, the tools available to apply DevOps practices to your application edge have broadened. In this updated session, we dive deep into how you can integrate Amazon CloudFront and related services into your application, be agile in developing and adapting the application, and follow best practices when configuring the services to improve security and performance, all while reducing costs. Attend this session and learn how to determine the best location (origin, edge, or client) to execute your code, avoid needless forwarding of headers and cookies, test your application when making changes, version your configuration changes, monitor usage and automate security, create templates for new distributions, configure SSL/TLS certificates, and more.

Who’s Talking? Phil Christensen - Sr. Solutions Architect, Logicworks
Session Room Venue:  Venetian
Session Type:  Demo Session
Track:  Demo Theater

 

SECURITY TRENDS

Digital Transformation with IoT, Cybersecurity, and Cloud Connectivity Solutions

Data is changing how businesses approach IT. As the size of data increases, businesses need solutions that allow them to be agile—without sacrificing security and performance. Customers face the digital transformation challenge of integrating IOT, cybersecurity, and cloud networking solutions. In this session, we identify key actions that customers need to make to prepare their business for digital transformation.

Who’s Talking?
Amy Machi - Director - Alliances and Business Development, AT&T
Paula Waldron
Session Room Venue:  Venetian
Session Type:  Demo Session
Track:  Demo Theater

 

Compliance and Top Security Threats in the Cloud -- Are You Protected?

Compliance is necessary and a good thing. However, many compliant companies are still getting breached. In this talk, we discuss the importance of using a risk model to figure out the biggest threat to your business and mitigation and monitoring tactics to guard against these high-risk threats. We also dive into a real-world example of achieving Payment Card Industry Data Security Standard (PCI-DSS) compliance in under a year; we share architecture and design patterns; and we discuss what worked and what didn't. Leave this session knowing what the top cloud attack vectors are and how to protect yourself by using AWS services to build a fully automated, highly flexible and secure environment.

This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.

Who’s Talking?
Boyan Dimitrov - Director Platform Engineering, Sixt

Teri Radichel - Director of Security Strategy and Research, WatchGuard Technologies
Session Room Venue:
 Venetian
Session Type:  Breakout Session
Track:  Developer Community
Session Level:  Advanced (300 level)

 

BEST PRACTICES

Deep Dive: Migrating Big Data Workloads to AWS

Customers are migrating their analytics, data processing (ETL), and data science workloads running on Apache Hadoop, Spark, and data warehouse appliances from on-premise deployments to AWS in order to save costs, increase availability, and improve performance. AWS offers a broad set of analytics services, including solutions for batch processing, stream processing, machine learning, data workflow orchestration, and data warehousing. This session will focus on identifying the components and workflows in your current environment; and providing the best practices to migrate these workloads to the right AWS data analytics product. We will cover services such as Amazon EMR, Amazon Athena, Amazon Redshift, Amazon Kinesis, and more. We will also feature Vanguard, an American investment management company based in Malvern, Pennsylvania with over $4.4 trillion in assets under management. Ritesh Shah, Sr. Program Manager for Cloud Analytics Program at Vanguard, will describe how they orchestrated their migration to AWS analytics services, including Hadoop and Spark workloads to Amazon EMR. Ritesh will highlight the technical challenges they faced and overcame along the way, as well as share common recommendations and tuning tips to accelerate the time to production.

Who’s Talking?
Bruno Faria - EMR Solution Architect

Ritesh Shah - Sr Program Manager, Vanguard
Session Room Venue:  Aria
Session Type:  Breakout Session
Track:  Analytics & Big Data
Session Level:  Advanced (300 level)

Security Operations in 2020

Your journey to the cloud is accelerating and you're closing down data centers. As you get ready to close that last one, it occurs to you—where will my security operations center live? Why, in the cloud of course! Come to this chalk talk to learn best practices for migrating your security operations center and gain prescriptive guidance on using serverless computing, AI, and machine learning to enhance security operations. Learn to increase agility at scale, implement compliance as code, and share a vision of the future using features and services that might not exist yet—but can with your help.

Who’s Talking?
Michael St.Onge - Global Cloud Security Architect

Misty Haddox - Senior Risk Management & Assurance Consultant, AWS
Session Room Venue:  MGM
Session Type:  Chalk Talk
Track:  Enterprise
Session Level:  Advanced (300 level)

Security Anti-Patterns: Mistakes to Avoid

At AWS, security is job zero. Our infrastructure is architected for the most data-sensitive, financial services companies in the world. We have worked with global enterprises to meet their respective security requirements and have learned that there are best practices and pitfalls to avoid. In this session, we provide a guided tour of governance patterns to avoid – ones that may seem logical at first, but that actually impede your ability scale and realize business agility. We also cover best practices, such as setting up key preventative and detective controls for implementing 360-degrees of security coverage, practicing DevSecOps on a massive scale, and leveraging the AWS services (such as Amazon VPC, IAM, Amazon EMR, Amazon S3, Amazon CloudWatch, and AWS Lambda) to meet the most strict and robust enterprise security requirements.

Who’s Talking?
Kurt Gray - Global Solutions Architect for Financial Services, Amazon Web Services

Jonathan Baulch - Director, Architecture, Fidelity Investments
Session Room Venue:  Venetian
Session Type:  Breakout Session
Track:  Financial Services
Session Level:  Advanced (300 level)

The Full Agenda: https://reinvent.awsevents.com/agenda/

 

COME SAY HI

We're going to be tweeting on site all the things going on at AWS Re:Invent. Be sure to follow us @tcellio #tCellSurvivalGuide. We'd love to see you in between sessions and activities, so stop by Booth K47 to have a chat, grab a tShirt, and enter to win a coveted Nintendo Switch

 Not sure where the heck Booth K47 is? We're in the Venetian Expo, near the Developer Lounge. Here's the link to the floor plan.

See you there,
tCell