Dozens of MSSPs and cybersecurity companies are attending AWS re:Invent 2021. But what cybersecurity news will Amazon Web Services and its partners potentially unveil at the conference? Stay tuned to this live blog for ongoing updates.
Note: Blog originally published November 28, 2021. Updated regularly thereafter.
11. Independent Cybersecurity Audits: A-LIGN has surfaced at the conference to promote independent cybersecurity audits and assessments, which allow organizations to "assure their customers that sensitive data and critical operations are handled securely. A-LIGN develops the A-SCEND compliance management platform. The company's 2022 product roadmap is on display at the event.
10. CrowdStrike News: CrowdStrike announced new AWS product integrations and certifications that deliver breach protection and streaming observability. The integrations address involve such areas as EKS Anywhere support; AWS Outposts launch partner participation; AWS Quick Starts for Humio; and Humio integration with AWS FireLens; and AWS Well Architected ISV Certification.
9. AWS Cloud Security Posture Management (CSPM): Sophos has updated Sophos Cloud Optix to "automate and simplify the detection and response of security incidents across AWS infrastructure," the security company said. The cloud security posture management solution now continuously analyzes AWS CloudTrail to build a picture of individual user activity. A detailed timeline view tracks user activities, high risk anomalies and security and compliance incidents across all AWS accounts with remediation guidance for security teams, Sophos indicated.
8. Cloud Security – Amazon Inspector: This is a new automated security assessment service that helps customers to secure their AWS workloads. Launch partners include Rezilion— a startup focused on development, security, and operations (DevSecOps) automation.
7. McAfee and FireEye: McAfee Enterprise and FireEye today introduced new cloud security capabilities on AWS as well as integration with Amazon Inspector. Among the developments to note: FireEye Helix behavior analysis and machine-learning Extended Detection & Response (XDR) capabilities combined with Amazon Inspector, a vulnerability management service, offers AWS customers “greater visibility and protection of applications and data in the cloud.” Also, McAfee Enterprise and FireEye are also now included in the AWS ISV Workload Migration Program (WMP), which “helps customers with funding, technology enablement and go-to-market support as they migrate independent software vendor (ISV) workloads on AWS and accelerate their digital transformation,” the announcement said.
6. AWS Marketplace Expansion: Stephen Orban, GM of AWS Marketplace and control services, is set to share some updates. Dozens of security tools are already available in the AWS Marketplace. It's a safe bet more will surface in the marketplace this week...
5. Continuous Security Improvement Session: During a session at the event, AWS Chief Information Security Officer (CISO) Stephen Schmidt plans to address best practices for security in the cloud, feature updates, and how AWS handles security internally. The discussion, scheduled for December 2 at 1:00 p.m. PT, will address the future of tooling for security, identity, privacy and compliance.
4. Cloud Security Posture Management (CSPM): Fully 41 percent of MSSPs now offer cloud security posture management (CSPM) to their end customers, MSSP Alert research found in September 2021. Still, customers and some partners continue to misconfigure their AWS workloads, sometimes leaving Simple Storage Service (S3) buckets and other cloud systems wide open for hackers to access. The big question: What steps, if any, will AWS take to further strengthen its own CSPM systems? We'll be watching for answers.
3. AWS Embraces MSSPs: AWS announced a Level 1 MSSP Competency for AWS Partners in August 2021. Multiple Top 250 MSSPs and Top 40 MDR (managed detection and response) service providers have earned the competency. Fast forward to present day. We wonder if AWS will announce a few new wrinkles for the competency, along with new members...
2. AWS Security Conference: Meanwhile, the AWS re:Inforce 2022 cloud security conference is now confirmed for June 2022.
1. Share Your AWS re:Invent 2021 News: Send news tips and updates to MSSP Alert Editorial Director Joe Panettieri ([email protected]).
Side note - Non-Security News: Track general channel and MSP partner news at the conference here, via ChannelE2E.