AWS Summit 2016 in Berlin

For the first time I’ve attended the AWS Summit in Berlin which against my expectations was very interesting. Not having much in common with AWS (at least not yet), from a security perspective the cloud still remains a very neglected threat to companies. As we all know there is some “rain” coming down from the cloud from time to time. And by “rain” I mean sensitive data which gets exposed due to misconfigured APIs, weak credentials or insecure applications.

AWS Summit 2016 Berlin

AWS Summit 2016 Berlin

In this years keynote Dr. Werner … pointed out why everybody is moving into the cloud and how they do it. But most important he talked about trends the digital world is facing at nowadays. Among these I’d like to list some.

Data explosion

Data warehouse everywhere

Analytics

Different ways to compute things

Deep security everwhere

Everything is mobile

Everything is connected

Hybrid

Security

As previously mentioned, the main goal was to identify main security threats in the cloud architecture. Dave Walker had an excellent talk about Securing serverless architectures. Driven by “bad things could happen, when people get creative” operational security is being taken seriously inside AWS. A few attack vectors were shown and the corresponding countermeasures. In general he distinguished between different layers:

Use cases

Among some (Siemens, Air Berlin, ProSiebenSat1, Dubsmash) companies already using AWS, I’ve really enjoyed Air Berlin talk where Michael Ruplitsch talked about their process moving stuff into the cloud:

Berliner Philarmoniker

AWS Use Cases

BitDefener

AWS Use Cases

SoundCloud

AWS Use Cases

Microservices

Since AWS seems to love microservices , Microservices on AWS was a really nice introduction. Implementing your own microservice and bringing it to the cloud, was then presented by Julien Simon in Clustering Docker on AWS with Amazon ECR & ECS.