AWS re:Inforce 2025 – A Secure Foundation Enables Innovation


A secure foundation acts as a catalyst for innovation. It’s not a barrier but rather a necessary element that allows organizations to confidently pursue new ideas, technologies, and strategies, leading to sustainable growth and competitive advantage. During the keynote and throughout AWS re:Inforce 2025, the two key themes that stood out for me were the business benefits around foundational security and the simplification of security at enterprise scale.

AI is fundamentally changing enterprise infrastructure by making it more intelligent, automated, and efficient.  That said, the introduction of AI workloads into the enterprise architectural mix makes the environment more complex and multifaceted.

AI has profoundly impacted enterprise infrastructure security, both by enhancing defense capabilities and presenting new challenges.

While AI has significantly improved enterprise infrastructure security by enhancing threat detection and response through real-time analysis, behavioral analytics, automated incident response, predictive threat intelligence, and reducing false positives, AI has also introduced new attack vectors like AI-powered botnets, AI-driven phishing, and AI-enhanced supply chain attacks.

From a security perspective, Amy Herzog, AWS CISO, shared that there were 4 areas where a secure foundation could enable innovation:

  • Identity and Access Management
  • Monitoring and Incident Response
  • Data and Network Protection
  • Migration and Modernization

There were a number of technical enhancements in each of these categories, but let me take a moment to focus on the very customer-centric and business-focused message first.

Amy’s message, which set the tone for the conference, was that secure foundations, particularly in the digital age, build trust.  Security builds confidence among clients, partners, and employees, essential for adopting new technologies like AI.  When data is secure, organizations can confidently embrace new solutions without excessive risk, enabling faster responsiveness to industry trends and customer needs.

By safeguarding valuable assets, like protecting intellectual property (IP), enterprises can gain a competitive edge. Strong foundational security enables businesses to confidently adopt new technologies, meet regulatory requirements when expanding into new markets, and protect sensitive customer data. Organizations that integrate security into their digital transformation strategy can innovate, gain a competitive edge, and build long-term customer trust.

AWS looks to approach problem solving with a customer-first ethos. That means that they try to reverse engineer a solution beginning with the customer problem set as the goal. Looking through that lens, what I see happening across the product portfolio is tighter integrations. Customers have stepped forward and presented problems like the need for greater visibility across the footprint, or better insights and prioritization in one place, or a more structured approach to identity.

AWS has responded with tools that do more and are more tightly interwoven, doing away with siloed data. This is a good thing.

Let’s dig into the announcements.

Identity and Access Management

There were several notable announcements in the Identity and Access Management category. AWS emphasized the importance of securing identities at scale, especially in hybrid and multi-cloud environments, and building comprehensive identity-centric security strategies. The announcements spanned both workforce and customer identities.

Here are 3 of the IAM announcements:

  • IAM Roles Anywhere: Announced earlier in the month, IAM Roles Anywhere allows AWS IAM to extend its functionality to resources outside of AWS, enabling on-premises servers, containers, and applications to use X.509 certificates for temporary AWS credentials.
  • IAM Access Analyzer Enhancements: A new capability in AWS IAM Access Analyzer helps security teams verify which principals within their AWS organization have access to critical resources by using automated reasoning to evaluate multiple policies and provide findings through a unified dashboard.

Monitoring and Incident Response

3 of the Monitoring and Incident Response announcements that stood out are these:

  • AWS Security Hub enhancements (Preview): AWS Security Hub is being enhanced to unify security signals and transform them into actionable insights, helping security teams prioritize and respond to critical issues at scale.
  • Amazon GuardDuty Extended Threat Detection for EKS clusters: Amazon GuardDuty now includes Extended Threat Detection for Amazon EKS clusters, enabling the detection of sophisticated multi-stage attacks.
  • New AWS Shield feature for proactive network security analysis (Preview): AWS Shield introduces a new preview feature that helps discover network security issues before they can be exploited.

Data and Network Protection

Key announcements at AWS re:Inforce 2025 related to data and network protection include new features for enhancing data recovery and protection, as well as advancements in network threat detection and mitigation.

Data Protection Announcements:

  • AWS Backup introduced Multi-party Approval for logically air-gapped vaults, a feature designed to enhance data recovery even if an AWS account is compromised.
  • The event also included a dedicated Data Protection track with sessions covering topics such as next-generation cryptography, trusted AI, privacy-enhancing technologies, and data protection throughout its lifecycle, addressing regulatory compliance and multi-cloud environments.

Network Protection Announcements:

  • A new AWS Network Firewall Managed Rule Group was announced, utilizing Amazon threat intelligence for protection against active threats relevant to AWS workloads.
  • AWS WAF enhanced its automatic application layer DDoS protection with faster detection and mitigation using machine learning to address suspicious traffic.