Sign up to save your podcasts
Or
Share Season 5, Episode 9: Pipelines, Powers and Penetration Tests
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Season 5, Episode 9: Pipelines, Powers and Penetration Tests
In Season 5, Episode 9, Karl and Jon are joined by Jenn Bergstrom, VP of Cloud and Data Solutions at Parsons, AWS Community Builder, and AWS Ambassador. They discuss AWS Landing Zone Accelerator and custom CI/CD pipelines, AWS Security Agent’s new support for penetration tests on shared VPCs, A recent AI-augmented campaign that targeted over 640 Fortinet firewalls, Resilience testing on Amazon ElastiCache with AWS Fault Injection Service, AWS IAM Policy Autopilot now available as a Kiro Power, Controversy over whether AI (Kiro) or human error caused a recent AWS outage, and the conversation moved on to whether it’s more important to protect the feelings of human team members or AI agents!
04:48 - AWS Landing Zone Accelerator and custom CI/CD pipelines
The hosts and guest discussed the complexity of the new feature, comparing it to existing solutions like AWS Control Tower for Terraform. They questioned the necessity of the additional steps involved and wondered about its potential adoption rate.
13:15 - AWS Security Agent's support for penetration tests on shared VPCs
The speakers highlighted the importance of this feature for organizations with multiple accounts and shared VPCs. They discussed how it could complement traditional penetration testing services by allowing more frequent and cost-effective internal testing.
19:16 - AI-augmented campaign targeting Fortigate firewalls
The discussion centered on the use of AI tools by malicious actors to create more sophisticated attacks. The speakers emphasized the importance of basic security hygiene, such as changing default credentials and keeping management interfaces off the internet.
27:24 - Resilience testing on Amazon ElastiCache with AWS Fault Injection Service
A quick walkthrough for chaos-testing Amazon ElastiCache resilience with AWS Fault Injection Service, simulating an Availability Zone interruption/failover and showing how to run the experiment, capture logs, and validate your app’s reconnect/retry and fallback behavior.
36:18 - AWS IAM Policy Autopilot as a Kiro Power
The hosts and guest talked about the benefits of integrating IAM Policy Autopilot into Kiro, making it easier for developers to create secure IAM policies. They discussed the concept of Kiro Powers and how they simplify access to various AWS tools and services.
41:17 - Controversy over AI vs. human error in AWS outage
The speakers discussed the recent controversy surrounding whether an AWS outage was caused by Kiro (AI) or human error. They debated AWS's decision to blame human error rather than their AI tool, considering the implications for trust in both AI systems and human engineers.
View all episodes
By LogicataIn Season 5, Episode 9, Karl and Jon are joined by Jenn Bergstrom, VP of Cloud and Data Solutions at Parsons, AWS Community Builder, and AWS Ambassador. They discuss AWS Landing Zone Accelerator and custom CI/CD pipelines, AWS Security Agent’s new support for penetration tests on shared VPCs, A recent AI-augmented campaign that targeted over 640 Fortinet firewalls, Resilience testing on Amazon ElastiCache with AWS Fault Injection Service, AWS IAM Policy Autopilot now available as a Kiro Power, Controversy over whether AI (Kiro) or human error caused a recent AWS outage, and the conversation moved on to whether it’s more important to protect the feelings of human team members or AI agents!
04:48 - AWS Landing Zone Accelerator and custom CI/CD pipelines
The hosts and guest discussed the complexity of the new feature, comparing it to existing solutions like AWS Control Tower for Terraform. They questioned the necessity of the additional steps involved and wondered about its potential adoption rate.
13:15 - AWS Security Agent's support for penetration tests on shared VPCs
The speakers highlighted the importance of this feature for organizations with multiple accounts and shared VPCs. They discussed how it could complement traditional penetration testing services by allowing more frequent and cost-effective internal testing.
19:16 - AI-augmented campaign targeting Fortigate firewalls
The discussion centered on the use of AI tools by malicious actors to create more sophisticated attacks. The speakers emphasized the importance of basic security hygiene, such as changing default credentials and keeping management interfaces off the internet.
27:24 - Resilience testing on Amazon ElastiCache with AWS Fault Injection Service
A quick walkthrough for chaos-testing Amazon ElastiCache resilience with AWS Fault Injection Service, simulating an Availability Zone interruption/failover and showing how to run the experiment, capture logs, and validate your app’s reconnect/retry and fallback behavior.
36:18 - AWS IAM Policy Autopilot as a Kiro Power
The hosts and guest talked about the benefits of integrating IAM Policy Autopilot into Kiro, making it easier for developers to create secure IAM policies. They discussed the concept of Kiro Powers and how they simplify access to various AWS tools and services.
41:17 - Controversy over AI vs. human error in AWS outage
The speakers discussed the recent controversy surrounding whether an AWS outage was caused by Kiro (AI) or human error. They debated AWS's decision to blame human error rather than their AI tool, considering the implications for trust in both AI systems and human engineers.