Talks and Publications
AWS Summit ANZ 2022 - Security best practices the Well-Architected way
As you continually evolve your use of the AWS platform, it’s important to consider ways to improve your security posture and take advantage of new security services and features. In this advanced session, we share architectural patterns for meeting common challenges, service limits and tips, tricks, and ways to continually evaluate your architecture against best practices. Automation and tools are featured throughout, and there will be code giveaways! Be prepared for a technically deep session on AWS security.
Essential security for everyone: Building a secure AWS foundation
Blog post on the AWS Security Blog outlining how teams of all sizes can gain access to world-class security in the cloud without a dedicated security person in your organization. I look at how small teams can build securely on Amazon Web Services (AWS) in a way that’s cost effective and time efficient.
AWS Summit ANZ 2020 - Cloud security for everyone: Multi-account strategy
The cloud enables every business to have enterprise-grade security. Leveraging multiple accounts is an essential security pattern, even in small teams without dedicated security personnel. In this session, we dive deep into the accounts and learn how to configure them. Attendees are expected to have an understanding of the shared responsibility model and IAM.
AWS re:Inforce 2019 - DevSecOps: Integrating security into pipelines
In this workshop, you practice running an environment with a test and production deployment pipeline. Along the way, we cover topics such as static code analysis, dynamic infrastructure review, and workflow types. You also learn how to update your process in response to security events. We write new AWS Lambda functions and incorporate them into the pipeline, and we consider capabilities such as AWS Systems Manager Parameter Store and AWS Secrets Manager.
AWS Summit ANZ 2019 - Essential Security Patterns
The cloud enables every organisation to have enterprise-grade security. You don't have to have a dedicated cloud security team to have strong security in the cloud, nor does having a high-security bar mean your teams have to slow down. This session will take you through patterns you can implement today to raise your security posture without needing to hire additional staff or breaking the bank. Attendees are expected to already have an understanding of the AWS responsibility model. This session will also demonstrate how AWS Organizations can be leveraged to add guardrails to your AWS usage in addition to the steps needed to set up a secure data bunker.
AWS Dev Day Australia 2018, DevBytes - Serverless Pipelines for Serverless Applications
You've managed to build an application that doesn't need servers so why run a server just to deploy it? Join this DevBytes talk to see how you can use AWS CodePipeline, a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. This session includes code snippets and a demo showing how you can deploy your serverless application without using servers.