Videos processed: June 21st, 2025 at 3:45pm MDT (37 new videos added - 163 total videos processed)
This repository contains detailed summaries and analysis of AWS re:Inforce 2025 security conference talks. Each talk has been processed with full transcripts, key points, technical details, and comprehensive summaries to help security professionals quickly identify the most valuable content for their needs.
- Full Talk Summaries: Over 40 hours summarized, across 163 videos
- Technical Implementation Details: Concrete guidance, examples, services mentioned, and actionable steps from each talk
- Video Links: Direct access to original presentations on YouTube
If you're working with AI systems and want to implement security best practices:
- A practical guide to generative AI agent resilience (SEC323) - Comprehensive framework for AI agent security
- Privacy-first generative AI: Establishing guardrails for compliance (COM224) - Bedrock guardrails and compliance
- Building secure RAG applications on Amazon Bedrock (APS322) - Secure RAG implementation patterns
- The right way to secure AI agents with code examples (IAM441) - Practical AI security implementation
- Velocity with vigilance: Security essentials for Bedrock Agents (APS323) - Bedrock-specific security guidance
- Secure by design: How Amazon.com approaches GenAI implementation (SEC322) - Enterprise AI security patterns
- Improve code quality with Amazon Q Developer (APS301) - AI-assisted development and security automation
- Customer Keynote with Comcast - Enterprise AI security integration and zero trust principles
- AI agents talk the talk: Can they walk the walk? (APS321) - AI agent capabilities and security considerations
- Best practices for evaluating Amazon Bedrock Guardrails for Gen AI workloads - Bedrock Guardrails evaluation framework
- Designing trust and safety into your Amazon Bedrock applications (SEC125) - Trust and safety patterns for Bedrock
- Hack yourself first: Terra's AI agents for continuous pentesting - AI-powered security testing
- Hardening generative AI applications using threat model agent (COM326) - Threat modeling for AI applications
- How AWS uses generative AI to advance native security services - AWS's approach to AI-powered security
- Practical AI-powered security: Development best practices (APS342) - AI security development practices
- Raising the tide: How AWS is shaping the future of secure AI (SEC221) - AWS AI security strategy
- Secure remote MCP server deployment for Gen AI on AWS (SEC326) - MCP server security for AI workloads
- Secure your AI applications with Cisco AI Defense on AWS (APS227) - Third-party AI security solutions
- Securing generative AI: A baseline in the security landscape (SEC227) - Foundational AI security principles
- Behind the shields: AWS and Anthropic's approach to secure AI (SEC303) - AWS and Anthropic AI security collaboration
- Build verifiable apps using automated reasoning and generative AI (APS401) - Automated reasoning for AI application verification
- From possibility to production: A strong flexible foundation for AI security - Production AI security frameworks
- GenAI governance in action: Building and validating cloud controls (GRC302) - AI governance and control validation
- How AWS's global threat intelligence transforms cloud protection (SEC302) - AI-powered threat intelligence
- Operationalizing Amazon Security Lake with analytics and generative AI (TDR342) - AI-enhanced security data analytics
- Secure agentic AI: Mitigate risk in autonomous decision-making systems (NTA126) - Autonomous AI system security
- Supercharge IaC security with AI: From commit to auto-remediation (APS441) - AI-powered infrastructure security
- The state of cloud and GenAI risks: Uncovering the data with Orca Security - Cloud and AI risk analysis
- Transform threat modeling using generative AI (APS222) - AI-powered threat modeling
- Why vibe coding isn't enough: Building secure AI apps that scale (COM322) - Scalable AI application security
- Workforce identity for generative AI and analytics (IAM302) - Identity management for AI workloads
- Building trust in Agentic AI through authentication and access control (IAM321) - Authentication and access control for AI agents
- Know your data: Building a strategy to address OWASP Top 10 for LLMs (DAP122) - LLM security best practices and OWASP Top 10
- Proven techniques to build a trusted software supply chain for AI apps (NIS121) - AI application supply chain security
- Managing digital identity in the age of generative AI (SEC322) - Digital identity management for AI systems
- Protecting GenAI and the entire AI ecosystem (SEC206) - Comprehensive AI ecosystem protection
- When every second counts: Agentic AI in cloud detection & response (TDR201) - AI-powered threat detection and response
- Use generative AI for business growth amid the regulatory landscape (GRC225) - AI governance and regulatory compliance
- Building secure generative AI security tools, featuring Trellix (TDR303) - AI-powered security tools development
If you're implementing security controls in CI/CD pipelines and infrastructure:
- Coding for proactive controls with AWS CloudFormation (GRC441) - CloudFormation Hooks for security automation
- Beyond shift-left: Embedding controls in infrastructure pipelines (GRC442) - CDK security integration
- Automation in action: Strategies for risk mitigation (SEC220) - NIST framework and automated controls
- Security and infrastructure unite: Breaking down cloud adoption barriers (SEC221) - Infrastructure security patterns
- Securing EKS containers: Reducing CVEs & simplifying compliance (APS223) - Container security and minimal image strategies
- Level up your DevSecOps with generative AI (NTA125) - AI-powered DevSecOps practices
- Mission-driven DevSecOps: GitLab + AWS GovCloud at CACI (GRC222) - Government DevSecOps implementation
- Threat modeling a batch job framework (COM325) - Security architecture for batch processing
- Accelerating incident response with AWS Security Incident Response (TDR421) - AWS Security Incident Response service implementation
- Advanced network defense: From basics to global scale with AWS Cloud WAN (NIS305) - Global network security architecture
- Building enterprise-grade AppSec: Lessons from AWS Security (APS201) - Enterprise application security practices
- Building secure development into Amazon Stores (APS221) - Secure development lifecycle implementation
- Implementing incident response with AWS Well-Architected best practices (COM324) - Well-Architected incident response framework
- Managing cloud risks at scale with Autodesk & Orca Security (TDR202) - Enterprise cloud risk management
- Mission-driven DevSecOps: GitLab + AWS GovCloud at CACI (GRC222) - Government DevSecOps implementation
- Modernizing privacy compliance workflows in AWS (COM221) - Privacy compliance automation
- Move fast, stay secure: Lessons learned from the AWS prototyping team (APS341) - Rapid secure development practices
- Scaling AWS threat intelligence to protect customers (TDR304) - Threat intelligence integration
- Securing CodeBuild managed runners: Patterns for GitLab & GitHub (APS202) - CI/CD security patterns
- From compute to code: Expanding vulnerability scanning across the SDLC (APS203) - Comprehensive vulnerability scanning across development lifecycle
If you're working on IAM, authorization, and access controls:
- Getting to least privilege takes more than CIEM (IAM101) - Advanced IAM strategies beyond CIEM
- How MongoDB uses Cedar policy language for fine-grained authorization (IAM301) - Cedar policy implementation at scale
- Securing machine identities cloud access in AWS at scale (IAM202) - Machine identity management patterns
- How Mendix revolutionizes access management with a generative AI chatbot (IAM322) - AI-powered access management
- No more IAM cleanup: How KKR automated access and permissions at scale (IAM222) - Automated IAM management
- Securing app & AI development using 1Password + AWS Secrets Manager (IAM224) - Secrets management integration
- AWS Managed Microsoft AD for enterprise identity (IAM223) - Enterprise Active Directory integration
- Developer freedom using resource control policies featuring Comcast (IAM303) - Resource control policy implementation
- Empowering developers to implement least privilege IAM permissions (IAM304) - Developer-focused IAM best practices
- Establishing a data perimeter on AWS featuring Block Inc (IAM305) - Data perimeter implementation patterns
- Implement app authorization in minutes with Amazon Verified Permissions (IAM306) - Verified Permissions quick implementation
- Understand who in your organization can access your AWS resources (IAM307-NEW) - Resource access visibility and management
- Visualizing workforce identity: Graph-based analysis for access rights (IAM341) - Visual access rights analysis and management
- Zero Trust in EKS: Securing workload identity and communication (IAM342) - Zero Trust implementation for Kubernetes workloads
If you're managing security across large AWS organizations:
- Build multi-account security controls using Amazon Q CLI chat (GRC321) - Q-powered multi-account management
- More control, more choice: AWS European Sovereign Cloud (SEC208) - Sovereign cloud considerations
- Simplify compliance with AWS native tools (NTA123) - Continuous compliance monitoring with Config and Audit Manager
- Multicloud strategy and best practices (NTA124) - Multi-cloud security architecture
- Scaling cloud compliance & governance with Terraform + AWS (GRC121) - Infrastructure as Code governance
- AWS Global Services: Turning security into innovation accelerators (SEC124) - Enterprise security transformation
- Build security monitoring and response at scale (GRC421) - Scalable security operations
- Code to cloud risk management: From noise to real-time action (GRC226) - Risk management automation
- Avoiding AI risks in your AWS environment (GRC101) - AI risk management in enterprise environments
- Best practices for managing governance, risk and compliance globally (GRC301) - Global GRC management strategies
- Building sovereign-ready automated controls and evidence processes (GRC201) - Sovereign cloud compliance automation
- Empowering critical infrastructure entities through cloud governance (GRC303) - Critical infrastructure governance
- Enterprise security at scale: SAP's AWS blueprint (TDR306) - Enterprise security architecture patterns
- How AWS designs the cloud to be the most secure for your business (SEC201) - AWS security design principles
- How the AWS obsession with resilience helps customers build for adversity - Resilience and business continuity
- JPMC makes AWS organization more secure by removing thousands of root users - Large-scale root user management
- Maintain business continuity using AWS Backup and Multi-party approval (GRC304) - Business continuity and backup governance
- Simplify your AWS compliance insights using AWS Artifact (GRC322) - Compliance management with AWS Artifact
If you're focused on security monitoring and incident response:
- Routing the right data to Amazon Security Lake (TDR222) - Security data management and cost optimization
- Multi-stage threat detection using Amazon GuardDuty and MITRE (TDR301) - Advanced threat detection patterns
- Scale vulnerability management using Amazon Inspector (TDR305) - Vulnerability management at scale
- Serverless threat response for Amazon S3 malware detection (COM301) - Automated threat response
- Detection and response on AWS for partners (SEC123) - Enhanced Security Hub with unified security operations
- Security at scale: Orchestrating AWS Security Hub alerts with Tines (TDR221) - Workflow automation for security operations
- Agentic AI: Accelerating threat detection and response (TDR326) - AI-powered threat detection
- How Autodesk scales threat detection with Amazon GuardDuty (TDR323) - Enterprise GuardDuty implementation
- Getting the most out of your data for security outcomes (TDR223) - Security data analytics
- Code, normalize, detect: The detection as code revolution (TDR307) - Detection engineering practices
- Machine vs Machine: Winning the new security arms race (TDR324) - Automated security defense
- Security tools are the new attack surface (TDR121) - Security tool hardening
- Taming the alert avalanche: Cutting through SOC noise (TDR325) - Alert management and noise reduction
- AWS Security Hub: Detect and respond to critical security issues (TDR309-NEW) - Enhanced Security Hub capabilities and response workflows
- Amazon GuardDuty Extended Threat Detection: Identify multi-stage attacks (TDR308) - Advanced threat detection with GuardDuty
- Eliminating blind spots in your security monitoring strategy (TDR203) - Comprehensive security monitoring coverage
- From detection to code: GuardDuty attack sequences with Amazon Q (TDR343) - AI-powered attack sequence analysis
- From incidents to insights: Creating a security learning organization (TDR224) - Incident response and organizational learning
If you're working on data security and encryption:
- How Atlassian built customer-controlled encryption with AWS KMS (DAP324) - Customer-controlled encryption patterns
- How Mercado Libre secured its payment processing with AWS (DAP301) - Payment security implementation
- Strengthen your data perimeter with resource control policies (DAP302) - Data perimeter controls
- Solving security's data problem (GRC227) - Security data management and tiering strategies
- Encrypting data in transit for your Kubernetes applications (DAP341) - Kubernetes encryption patterns
- Post-quantum cryptography demystified (DAP222) - Post-quantum cryptography preparation
- Where are your secrets? Monitor keys, secrets and certs usage on AWS - Secrets and certificate monitoring
- Data protection, recovery and resiliency on AWS (DAP325) - Comprehensive data protection strategies
- Demystifying attestation: Measure and verify your execution environment (DAP442) - Execution environment verification
- Fannie Mae's practical path to modern PKI and certificate management (DAP302) - Enterprise PKI modernization
- Veradigm's security-first approach to amplifying potential with GenAI (DAP201) - Healthcare AI security implementation
- How Monzo Bank protects critical workloads using AWS Nitro Enclaves (DAP322) - Nitro Enclaves for sensitive workload protection
- Navigating sovereignty requirements: Architectures and solutions on AWS (DAP202) - Data sovereignty and compliance architectures
- Your DevOps stack has a blind spot: Data resilience (DAP321) - Data resilience in DevOps workflows
- Internet security: The past and future of TLS certificates and web PKI (SEC209) - TLS and PKI security evolution
If you're securing network infrastructure and web applications:
- How Meta enabled secure egress patterns using AWS Network Firewall (NIS321) - Enterprise network security
- Shielding your web application from digital threats (NTA122) - Web application protection
- Sticky situations: Building advanced AWS WAF honeypots (NTA123) - WAF and honeypot strategies
- A deep dive into Amazon VPC Lattice granular security (NIS341) - VPC Lattice security architecture
- I didn't know Network Firewall could do that! (NIS322) - Advanced Network Firewall capabilities
- How ItaΓΊ Unibanco leverages AWS Shield Advanced to combat DDoS events (NIS302) - DDoS protection and Shield Advanced implementation
- Outbound network controls made easy (NIS301) - Simplified outbound network security
- Strengthen your network security with AWS Shield (NIS202-NEW) - AWS Shield security enhancements
- Strengthening network security with AWS Network & DNS Firewall (COM321) - Network and DNS firewall integration
- AWS Network Firewall: Latest features and deployment options (NIS201-NEW) - Latest Network Firewall capabilities and deployment patterns
- Cyber for Industry 4.0: What is CPS protection anyway? (NIS123) - Cyber-physical system protection for industrial environments
- Integrate Zero Trust into your cloud network (NIS304) - Zero Trust network architecture implementation
- Redefining cybersecurity for modern threats with Armis Centrix (NIS122) - Modern threat protection with Armis integration
- Securing AWS networks: Observability meets defense-in-depth (NIS306) - Network security observability and defense strategies
- Simplify AWS WAF and Amazon CloudFront Security for Faster Deployment (NIS203-NEW) - Streamlined WAF and CloudFront security deployment
- Thinking beyond traditional firewalling architectures (NIS303) - Modern firewall architecture patterns
- VPN-less access to AWS private services with AWS Verified Access (NIS421) - Secure access without VPN using Verified Access
- WAF logs to security gold: A 20-minute dashboard revolution (NIS323) - WAF log analysis and dashboard creation
If you're building security teams and culture:
- Lead resilient security teams through psychological safety (SEC223) - Security team leadership
- Build and scale a security-first engineering culture (SEC204) - Engineering culture transformation
- Scaling security with Sportsbet's Security Guardians program (APP301) - Security champion programs
- Upskill your team with the AWS Security Champion Learning Plan (TRA101) - Security training programs
- CSO's perspective: An insider's guide to cyber readiness (DAP121) - Executive perspective on cybersecurity strategy and recovery planning
- Inclusive security: Unlocking the power of diverse perspectives (SEC224) - Diversity and inclusion in security
- Cloud resilience: AWS and ISV solutions for operational excellence (SEC229) - Operational resilience strategies
- Emerging tech and new threats: Prepare for the future (SEC225) - Future security challenges
- How CISOs think strategically about cloud security (SEC321) - CISO strategic perspectives
- How to reframe security events as a value add (APS224) - Security value communication
- Keynote with Amy Herzog, AWS Events - Conference keynote insights
- Launches: Ask me anything (SEC120) - AWS security service launches Q&A
- Mastering AWS security partnerships: From strategy to success (SEC121) - Security partnership strategies
- Rethinking cloud security: A horizontal operating model built on context (SEC324) - Cloud security operating models
- Security by design: Leveraging nudge theory for better outcomes - Behavioral security design
- Technical insights: Expert keynote Q&A (SEC320) - Expert panel discussions
- Transform security and compliance into your innovation catalyst (SEC327) - Security as business enabler
- Transitioning security mindsets: From on-premises to cloud-native security - Cloud security transformation
- Building stronger cloud defense with real-world insights (SEC207) - Real-world security defense strategies
- AWS Heroes launch insights (COM220) - Community insights from AWS Heroes program
- Security as an innovation driver: Robinhood Markets' CSO insights (SEC205) - Executive perspective on security as business enabler
- What good looks like: Building and improving cloud security (SEC203) - Cloud security best practices and maturity models
- Enhancing security operations with Next Gen SIEM and ConvergeSECURITY (SEC325) - Modern SIEM and security operations enhancement
Thanks to Chris Whitlock from StudyGRC for sharing a NotebookLM with all the videos + the Cybr summaries included:
Cole Horsman took this project idea to the next level with deep analysis of talks from 2024 to 2025. Check it out here:
Want to dive deeper into the AWS security topics covered in these talks? Check out our hands-on AWS Security training at Cybr - featuring real-world labs and practical implementation guidance for many of the concepts discussed in these sessions.