BSides Boston 2020: AWS Security - Easy Wins and Enterprise Scale

Sep 26, 20

On September 26th, 2020, I gave a 50-minute talk at BSides Boston. The details are recorded here for posterity.


Cloud computing continues its rampant growth, and AWS maintains its lead as the predominant platform. Since the last BSidesBoston in 2017, AWS adoption has gone from 57% to 76% of enterprises.[1] Whether your organization has two feet firmly in the cloud, is dipping a toe in the water, or you personally are wondering “where do I even start,” it’s important to learn to adjust security to cloud environments.

This talk will look at two extremes. First, we’ll go through the easy wins that almost any one or any organization can identify and apply. Then, we’ll pivot to look as the the big picture security problems to consider as either your security maturity or AWS usage grows. We won’t be able to go deep into all the weeds of the topic, but instead we’ll provide the essential information, and pointers for next steps. No matter your size, complexity, or sophistication of your AWS environment, you should walk away with an idea of where to look for your next actionable improvements.

[1] Per RigthScale/Flexera State of the Cloud 2017/2020


The slide deck is available on SpeakerDeck.

A recording of the talk is available on Youtube.