3 Lessons Learned From AWS NYC Summit

“I remember when there were only about 40 of us meeting here, talking about AWS, and ending the day by descending on the hotel bar.” — Told to us by an AWS Summit Veteran

Threat_Stack_at_AWS_NY_2016_1.jpgHow times have changed (except maybe for the bar part)… It was amazing talking to customers who have been coming to the AWS New York Summit year-over-year, and who have watched it grow into the premier AWS event on the eastern seaboard. With more than 6,300 AWS customers and prospects descending on New York this year, the event itself has grown in scope and size, almost beginning to take on the personality of a mini AWS re:Invent (AWS’s annual customer conference held every year in Las Vegas).

For those on the vendor side, it was apparent that the adoption and maturity of those running in AWS have been growing rapidly. The conversations we had were no longer about considerations that need to be taken into account when theoretically moving to AWS someday in the distant future. Instead they had mostly transformed into energetic and enthusiastic discussions that were collectively saying: “Hey we’re moving, we’re in the thick of this now, how can you help us meet this, that, and the other need?”

Threat_Stack_at_AWS_NY_2016_2.jpgThe Threat Stack team had a great time talking face-to-face with the people we serve, shaking hands with happy customers and educating those unfamiliar with Threat Stack on how cloud security is different from the legacy, on-premise world. Through hundreds of conversations and a survey completed by visitors to our booth, we identified some recurring themes and trends among those in attendance, including these three top of mind issues: 

 

1. The Primary Concern: Keeping Customer Data Safe

39% of those polled stated that the #1 concern of their customers regarding security is that they have data loss prevention in place.

Given this information, it’s no wonder that data loss was also the primary security concern for the organizations running on AWS that we polled, especially considering the AWS Shared Responsibility Model places the responsibility for securing customer data squarely on the customer.

2. The Primary Need: Fast, Affordable Solutions

The majority of those polled stated that their primary need is to find solutions that fit budgets and are fast and easy to deploy, configure, and manage.

While we realize the pain of difficult and time-consuming deployments, we are excited to relieve customers of this long-time struggle to quickly deploy and immediately get value from security tools.  Threat Stack offers the fastest deployment in the market, taking just 90 seconds, no matter whether you have 1 or 1,000 servers. Couple this with an extremely powerful, featherweight agent — and Threat Stack is a highly efficient solution for cost-conscious buyers. 

3. The Primary Question: Where do I Start?

For all the traction and movement to the cloud, a ton of work still needs to be done to educate and address some of the confusion and mis-information in the market.

First, just because AWS is compliant, this does not make you compliant. It is important that those running in AWS familiarize themselves with the Shared Responsibility Model and understand what they are responsible for. When it comes to first steps, start by leveraging the tools and services in AWS, such as security groups and CloudTrail, and then practice good hygiene (e.g., treat servers like cattle rather than pets). Next, understand the hierarchy of cloud security needs (this differs substantially in the cloud where you no longer have an egress point in the network). We recommend taking an inside out approach and protecting your hosts with workload visibility, vulnerability management, and threat intelligence.

The Big Takeaway . . .

The big takeaway from this event is that Summits like this are extremely important in a fast-growing market. They enable customers to stay on top of new trends and methodologies, learn from their peers, and meet partners and vendors in person to discuss ways of meeting security requirements. Needless to say, Threat Stack will return to this event in 2017. Fortunately, you don’t have to wait until then to get expert advice from our security team: we are happy to setup a demo or trial whenever you want, wherever you are through our website.

And by the way, Threat Stack is sponsoring the AWS DevOps Pop-up Loft in San Francisco this week, so if you’re in the area, stop on by to chat and pick up a free T-shirt.