About AWS Community Day
The world would be such a better place if everyone took information security seriously. Simple misconfigurations and poor security hygiene can lead to catastrophic losses. Education and awareness are the keys to avoiding such disasters.
This Community Day, let's pledge to learn something new, or to make a new friend in the community, or find a security management tool to help us make the world a better place.
The AWS Community Day features expert-led talks, technical workshops, hands-on labs, and networking opportunities with industry leaders and fellow enthusiasts from around the globe. Whether you're an experienced professional or a newcomer in the world of AWS, come join us. Be part of the movement to create a better, smarter, and more connected world.
Topics at the AWS Community Day
Peter M. O’Donnell - Principal Solutions Architect, Security at AWS
Ajjay Govindaram
Data Architect @ AWS
Responsible AI and Security in the generative era: Science and practice
The rapid growth of generative AI brings promising innovation and, at the same time, raises new challenges around its security, safe, and responsible development and use. These challenges include some that were common before generative AI, such as bias and explainability, and new ones unique to generative models, including hallucinations, toxicity, and intellectual property protection. During this session, participants will gain an overview of the challenges that generative AI presents, survey the emerging science surrounding these challenges, and engage in a discussion about the hands-on, security, and Responsible AI work currently being conducted on AWS.
Alex Sin
AI Software Solutions Engineer
Bringing AI Everywhere: Accelerating GenAI for Enterprise
The Intel Gaudi Al accelerator, optimized for Generative Al and Large Language Models, offers an affordable solution for deep learning training and inference, with user-friendly functionalities. In this session we will explore three accessible entry points: accessing model references via Gaudi's GitHub, leveraging Hugging Face Optimum Habana GitHub, and utilizing the GPU Migration tool for seamless model adaptation from GPUs to Gaudi. This session is tailored for developers and data scientists seeking efficient Al acceleration solutions.
Babak Parvizi
Partner Solutions Architect @ AWS.
Enabling SaaS Networking, Routing and Security Using Amazon VPC Lattice
Transitioning to a software-as-a-service (SaaS) model often involves managing multiple AWS accounts and Virtual Private Clouds (VPCs), posing challenges in service deployment, communication, and security across diverse compute options like serverless, containers, and instances. These complexities can hinder operational efficiency and agility for SaaS organizations in a competitive landscape. However, Amazon VPC Lattice offers a solution by simplifying the networking experience in a multi-tenant environment, enabling seamless connection, security, and management across any compute option, account, and VPC. This innovative approach eliminates the hurdles of VPC peering, transit gateways, and CIDR block overlaps, enhancing flexibility, security, and speed. This talk dives into utilizing VPC Lattice to streamline network connectivity, security, and monitoring in a multi-account, multi-VPC SaaS setup to drive efficiency for your SaaS organization.
Banjo Obayomi
Developer Relations @ AWS.
Building with Generative AI on AWS using PartyRock, Amazon Bedrock, and Amazon Q (Laptop Required)
Workshop: Learn to build generative AI applications on AWS using PartyRock and Amazon Bedrock. You will gain skills in prompt engineering and using the Bedrock API. We will also explore how to 'chat with your documents' through knowledge bases, retrieval augmented generation (RAG), embeddings, and agents. We will also use next generation developer tools Amazon Q and Amazon CodeWhisperer to assist in coding and debugging. You will be provided an AWS account to go through this workshop. Some familiarly with using services such as AWS Lambda and writing Python code is helpful. No AI/ML experience is necessary. This workshop is intended to be finished within 2 hours.
Gunnar Grosch
Principal Developer Advocate @ AWS
Developer Mindset: Embracing GitOps for Network Security and Compliance
As modern cloud-native applications evolve, the traditional network testing and security compliance in infrastructure deployments often struggle to keep up. In this talk we will discuss how leveraging GitOps and Generative AI allows for automated consistent network testing, security compliance enforcement, validation testing and standardization of infrastructure deployments across an organization.
Ishneet Kaur Dua
Senior Solutions Architect @AWS
Responsible AI and Security in the generative era: Science and practice
Panelist. Senior Solutions Architect based in the San Francisco Bay Area. She helps AWS enterprise customers grow by understanding their goals and challenges, and guides them on how they can architect their applications in a cloud-native manner while ensuring resilience and scalability. She is passionate about generative AI, Ethical and Responsible AI, machine learning technologies and environmental sustainability.
Jenni Wu
Solutions Architect @ AWS.
Security Workshop
In this workshop, you will learn practical techniques for protecting your web application from the most common threats, without needing to change any code. These techniques can be applied directly against your own AWS environments with minimal time and effort. You will be provided an AWS Account running the OWASP Juice Shop, and perform an attack to exfiltrate its credentials. You will then leverage Amazon GuardDuty to detect and respond to the attack, AWS Web Application Firewall (AWS WAF) to create a virtual patch to stop the exploit, and VPC Endpoint Policies to prevent illicit use of the stolen credentials. You'll also see how AWS WAF can be used to block other exploits using its managed rules. Using these and similar techniques to detect and respond to attacks will let you build fast AND stay secure.
John Martinez
Technical Evangelist @ StrongDM.
Real-world Authorization
Authorization policy languages like AWS Cedar and OpenFGA have opened up the world to implementing fine-grained access controls in your own applications. This is great for your API gateways, but what about the mission-critical infrastructure your Cloud, IT and security staff need to support and secure every day? How can IAM admins provide modern, fine-grained authorization to the databases, k8s clusters, and servers that host our digital kingdoms? Let's talk about: - The state of authorization in 2024 - Beyond Least Privilege: Continuous authorization and where it fits in your security strategy - You’re not thinking small enough: Fine-grained permissions - Cedar policies and the power of simplicity - Where do we go next from here?
Julia Furst Morgado
Global Technologist @ Veeam
You're Hit by a Ransomware Attack, What's Next?
Ransomware is the buzzword of the day, and in this talk, Julia Furst Morgado from Veeam will address what happens when an organization is hit by a ransomware attack. The talk will focus on immediate and long-term steps an organization should take in response to such an attack. It will also cover preventive measures and best practices for ransomware protection. This session is aimed at business-focused professionals, providing them with practical advice and strategies to deal with ransomware threats.
Manas Satpathi
Principal TAM @ AWS.
Auto-remediate Security and Compliance deviations using AWS Services
Are you looking to optimize your AWS resources and ensure best practices are followed? Join us for an insightful dive deep session into the world of AWS Trusted Advisor and how you can leverage it to streamline your operations. Learn how you can benefit by implementing architecture patterns to auto-remediate best practice deviations detected by AWS Trusted Advisor, respond quickly to security vulnerabilities and continue to optimize your AWS environment!
Marlon Chung
Cloud Security Architect @ Check Point
The importance of protecting APIs as enterprises move to adopt the AWS cloud
Marlon Chung, Cloud Security Architect at Check Point Software Technologies, specializes in cloud security solutions for the enterprise. With over 25 years of experience in Information Technology and a solid background in cybersecurity, he brings a wealth of experience in architecting and designing solutions across cloud services. In this session, he will discuss “The importance of protecting APIs as enterprises move to adopt the AWS cloud”. Join my session as I share the journey of the API evolution, the impact on modern AWS cloud environments and how to secure your APIs. APIs have emerged as one of the most significant components of the modern Internet. Many services use APIs to implement modularity or expose various functions to their users. However, APIs also face significant security threats, as 84% global internet traffic is based on API’s. In addition to common threats related to web applications, APIs also face their own category of targeted potential vulnerabilities. Some API security best practices that can help to manage these security risks are authentication and authorization, Zero-trust access management, monitoring and alert for anomalous activity and more. These API security best practices will help you to protect valuable components of an IT infrastructure on AWS environments.
Michal Brygidyn
Chief Cloud Security Architect @ Xebia
Cloud Hacking Scenarios
You’ve been hearing a lot about security best practices in the cloud, but have you ever seen them broken? This talk goes through various security scenarios in the cloud, showing how an attacker could potentially compromise a poorly configured cloud environment. The session will cover the common mistakes made when setting up cloud environments and demonstrate how these can be exploited. Attendees will learn about the importance of following best practices in cloud security and how to avoid becoming a victim of these common security issues.
Parth Patel
Senior Solutions Architect @AWS
Responsible AI and Security in the generative era: Science and practice
Panelist. Solutions Architect at AWS in the San Francisco Bay Area. Parth guides customers to accelerate their journey to the cloud and help them adopt and grow on the AWS Cloud successfully. He focuses on machine learning, environmental sustainability, and application modernization.
Peter Sankauskas
AWS Community Hero @ Answers for AWS
AWS Control Tower: How to adopt it
AWS Control Tower can is a great tool for a growing organization to manage their AWS accounts. In this session, Peter Sankauskas will provide insights into how to adopt AWS Control Tower for your organization. He will discuss its benefits, potential pitfalls, and best practices for implementation. This session is particularly useful for organizations looking to scale their AWS usage efficiently and securely. Attendees will gain practical knowledge on how to leverage AWS Control Tower to manage their cloud infrastructure effectively.
Richard Fan
AWS Security Hero & Security Engineer
When Data Collaboration Meets Privacy: Privacy-Preserving Data Analysis on the Cloud
With the boom of data generated on the cloud, collaboration around this data is becoming increasingly important. However, privacy concerns are a major obstacle. This talk explores the intersection of data collaboration and privacy, focusing on privacy-preserving data analysis techniques on the cloud. Attendees will learn about different methods and tools available to ensure data privacy while enabling effective data collaboration. This talk is especially relevant for organizations that deal with sensitive data and need to balance collaboration with privacy.
Roland Lee
Head of Products @ Heimdall Data
Managing Database Roles with Active Directory/LDAP for SOX Compliance
For Amazon RDS / Redshift, Enterprises use Active Directory / LDAP to centralize user authentication and group membership. But this presents two challenges: • SOX (Sarbanes Oxley) and SoD (Segregation of Duties) non-compliance, as security teams lose visibility and control of data access. • Databases have to be preconfigured with users and roles, increasing IT management burden. In this session, we will discuss ways to secure data access for SOX and SoD compliance, while removing the need data teams to manage the user credentials and roles.
Sandeep Mohanty
Sr. Solutions Architect @ AWS.
Auto-remediate Security and Compliance deviations using AWS Services
Are you looking to optimize your AWS resources and ensure best practices are followed? Join us for an insightful dive deep session into the world of AWS Trusted Advisor and how you can leverage it to streamline your operations. Learn how you can benefit by implementing architecture patterns to auto-remediate best practice deviations detected by AWS Trusted Advisor, respond quickly to security vulnerabilities and continue to optimize your AWS environment!
Sean Falconer
Head of Marketing & Developer Relations @ Skyflow
The Data Cloud's Cheese and Diamond Problem
In the backends of many products, there’s a users database table or equivalent containing user data like names, emails, phone numbers, and addresses. This data is treated and protected as any other application data. A security perimeter is put around it, but from within the perimeter, applications and sometimes employees have full access. Treating users' PII data like any other application data is a fundamentally flawed design choice. User data is special and must be treated that way. Just as I don’t store my diamonds in the refrigerator with my cheese, user data doesn’t belong in your application storage intermixed with your other data. It must be isolated and protected. In this talk, we explore this topic in detail, making a case that the only way to stop the epidemic of data breaches and meet consumer and regulatory demands for data privacy is to fundamentally change our mindsets about how to store and manage PII.
Time | Session Details | |||
---|---|---|---|---|
Morning Sessions | ||||
08:00 AM - 4:00 PM | Badge pick up, Assisted Registration, Information Desk - Grand Lobby | |||
08:30 AM - 09:30 AM 1 hour | Breakfast and Networking - Grand Hall | |||
09:30 AM - 10:00 AM 30 minutes | Welcome, Introductions and Sponsors Parade - Julia Furst - AWS Community Builder - Hahn Auditorium | |||
10:00 AM - 10:45 AM 45 minutes | Keynote - Security in the age of Gen AI - Peter M. O’Donnell - Principal Solutions Architect, Security at AWS - Hahn Auditorium | |||
10:45 AM - 11:15 AM 30 minutes | Tea/coffee break and Networking - Grand Hall Sponsored by AWS | |||
Tracks | Hahn Auditorium | Lovelace | Boole | Glass rooms |
11:15 AM - 11:55 AM 40 minutes | Cloud Hacking Scenarios --Michal Brygidyn | Auto-remediate Security and Compliance deviations using AWS Services --Manas Satpathi, Sandeep Mohanty | Bringing AI Everywhere: Accelerating GenAI for Enterprise --Alex Sin | Startup Security: Techniques to Stay Secure while Building Quickly. 2 Hands-on Workshops! Building with Generative AI on AWS using PartyRock, Amazon Bedrock, and Amazon Q (Laptop Required) --Jenni Wu and Banjo Obayomi |
12:00 noon - 12:25 PM 25 minutes | When Data Collaboration Meets Privacy: Privacy-enhancing Technologies on AWS --Richard Fan | You're Hit by a Ransomware Attack, What's Next? --Julia Furst Morgado | The importance of protecting APIs as enterprises move to adopt the AWS cloud --Marlon Chung | |
12:30 PM - 1:30 PM 1 hour | Lunch and Networking - Grand Hall SPONSORS WANTED!! | |||
Post Lunch Sessions | ||||
Tracks | Hahn Auditorium | Lovelace | Boole | Glass rooms |
1:30 PM - 1:55 PM 25 minutes | Managing Database Roles with Active Directory/LDAP for SOX Compliance --Roland Lee | AWS Control Tower: How to adopt it --Peter Sankauskas | The Data Cloud's Cheese and Diamond Problem --Sean Falconer | Accelerating AI: Unveiling the Power of Intel Gaudi Al Accelerators. 2 Hands-on Workshops! Building with Generative AI on AWS using PartyRock, Amazon Bedrock, and Amazon Q (Laptop Required) --Alex Sin and Banjo Obayomi |
2:00 PM - 2:25 PM 25 minutes | Developer Mindset: Embracing GitOps for Network Security and Compliance --Gunnar Grosch | Real-world Authorization --John Martinez | Enabling SaaS Networking, Routing and Security Using Amazon VPC Lattice --Babak Parvizi | |
2:30 PM - 2:55 PM 25 minutes | Afternoon Tea break SPONSORS WANTED!! | |||
Tracks | Hahn Auditorium | Hahn Auditorium | Hahn Auditorium | |
3:00 PM - 3:45 PM 45 minutes | Panel Discussion: Security and Data Privacy - Implementing Responsible Practices on AWS
The rapid advancement of generative AI has sparked exciting new capabilities in content creation, personalization and more. However, without proper security and privacy safeguards, these powerful systems also carry risks like data exposure, algorithmic bias, and potential misuse. This panel brings together AWS experts in AI, cloud security and data governance to discuss best practices for developing responsible and trustworthy AI systems on AWS. Panelists will provide guidance on privacy-preserving data handling, securing access to sensitive training data, and auditing AI models for unintended bias. They will also share AWS services like PrivateLink, encryption, access controls, and SageMaker Clarify that can assist in keeping generative AI secure and ethical. Through an interactive moderated discussion and Q&A, attendees will learn actionable strategies for architecting private, trustworthy AI workflows spanning data collection, model development, and prediction serving. The panel will cover crucial lessons as companies leverage generative models and AWS AI services across diverse industries and applications. Attendees will take away implementation recommendations to build secure, compliant and responsible AI systems that earn customer trust. Panelists: Ishneet Kaur Dua, Parth Patel Moderator: Ajjay Govindaram | |||
3:45 PM - 4:00 PM 15 minutes | Raffle & Closing Note - Hahn Auditorium |
AWS
Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.
Check Point
The Leading Cyber Security Platform. Fueled by AI, the Check Point Infinity platform autonomously predicts and prevents attacks across networks, clouds, endpoints and devices. Explore our Network, Cloud, User and Access security products with a personalized demo from one of our security experts.
Pangea
Pangea helps you create secure apps without slowing down innovation. With our comprehensive platform of essential API-based security services, you can effectively and efficiently protect your users, meet security and compliance standards, and block threats. We’re turning the complex and fragmented world of security into a simple set of pay-as-you-go APIs for developers. By eliminating the burden of building, scaling and managing complex security code, you can focus on your app logic while reducing its attack surface.
Computer History Museum
1401 N Shoreline Blvd,
Mountain View, CA 94043