AWS re:Invent 2025: What Three Industry Heavyweights Told Me On Day One

AWS re:Invent has always been the place where the real conversations happen. Yes, there are keynotes and announcements, but the real insight comes from the people who build, ship, secure and operationalize technology every day. It is where strategy meets reality and where the industry gets a first look at what is coming next. 

On day one, I sat down with three experts who do not waste time on buzzwords. Rob Tiffany of IDC who keeps the conversation grounded in what builders actually need right now. David Linthicum, one of the most published voices in cloud and AI. And Leonard Lee of neXt Curve, who has been leading the discussions on responsible and safe AI long before it became a conference theme. 

I asked each of them the same three questions: 

1. Tell me one key learning that you expect or hope for from AWS re:Invent 2025. 

2. Let’s take a look at Core Agentic AI Platform Innovations. How much of a game changer is Amazon Bedrock AgentCore and the new capability within Amazon Bedrock Agents for multi agent collaboration. 

3. With the heavy industry focus on AI, are you expecting that we’ll be seeing security announcements around protecting AI models, APIs and data and features that help guard against threats like data exfiltration and model inversion. 

Their answers say a lot about what the industry is hoping to learn this week and where the biggest opportunities and challenges still sit. 

Tell me one key learning that you expect or hope for from AWS re:Invent 2025. 

Rob Tiffany: I’m really excited to hear more about what they’re doing around development, around building agents, and then building apps. One of the big missing pieces is when people are really going to start building massive applications that take advantage of all this stuff. 

David Linthicum: Where’s the priority. Is it in AI or is it in cloud. Because it can’t be both. They have to invest somewhere and they’re going to have to disappoint one half of their market. 

Leonard Lee: I’m really looking forward to finding out what their approach to safe AI is. Everyone is talking about agentic AI but no one has cracked the code on responsible and safe agentic AI. Are we getting any closer or are we still orbiting the same unresolved concerns. 

My Take: All three see day one as a moment of truth. Builders want real tools for building applications, enterprises want clarity on where AWS will place its long term bets, and the industry as a whole wants answers on how to make agentic AI safe, trustworthy and operational at scale. The themes overlap but the urgency is different for each audience, which is exactly why re:Invent matters. It forces the conversation into the open. 

How much of a game changer is Amazon Bedrock AgentCore and the new capability within Amazon Bedrock Agents for multi agent collaboration.

Rob Tiffany: There is that talk about how you build a system that can help us have billions of agents or millions of agents. Building all that on top of Bedrock is going to be huge because so many people use Bedrock to get access to so many different models. I just want to make sure what we hear from them is something that works in other locations, not just something that only runs on AWS. 

David Linthicum: I don’t think it is much of a game changer. It is not an innovative demonstrator that I have not heard from everybody else. It would have been helpful if they said here is how we are going to approach application development or when agentic should be used. They are going to run around on stage and shout agentic without solving the issues customers actually have. 

Leonard Lee: On the surface, it does not sound differentiated from what we have seen from Amazon’s peers. It is table stakes. Useful and required for the fast narrative forming around agentic AI, but it is still disconnected from mission critical systems that actually run a business. There is a mismatch between what is being built and what enterprises can safely operationalize. 

My Take: Bedrock’s agentic moves land in the middle of three very different expectations. Builders want scale and portability, pragmatists want guidance on when these patterns actually work, and enterprise leaders want assurance that these frameworks can touch core systems without introducing new risk. The technology is evolving quickly, but the operational guardrails have not caught up. That gap is exactly where customers will be looking for clarity this week. 

Are you expecting to see security announcements focused on protecting AI models, APIs and data and features that help guard against threats like data exfiltration and model inversion

Rob Tiffany: I so hope so. We have seen attacks where bad actors infiltrated models and used them to attack infrastructure across companies and governments. It feels like a blind spot. It reminds me of the early days of SQL injection where people were putting fake data into systems. That attack should be a wake up call. Guardrails are not enough because agents can go off script and things can get away from us fast. 

David Linthicum: I would not release anything that did not have a good security mechanism around it. Security should be first, not an afterthought. What we are hearing from vendors is generative AI, then agentic AI, and only if pressed will they talk about security. Adapting existing security models is not enough. Bespoke security systems purpose built for AI are the only way this works. 

Leonard Lee: If we do not see real security progress, the ball is not going to move very far. Security has not been prioritized. There has been a lot of lip service and not a lot of examination of the foundational issues. The problems are familiar, and we already know what the answers are, but people are being distracted by buzzwords. MCP is being overdramatized and it only increases complexity. Without real security and trust frameworks, none of this gets enterprise ready. 

My Take: The consensus is blunt. The industry is out over its skis on agentic AI without the security groundwork required to protect what we are building. Every expert pointed to the same gap from a different angle. AI security cannot be inherited from legacy frameworks, it cannot be bolted on late, and it cannot be solved with buzzwords. If re:Invent moves the conversation forward on anything this year, this is the topic that will matter most for long term adoption. 

If day one proved anything, it is that the industry is ready for answers. Not promises. Not headlines. Answers. The next steps for agentic AI, safe AI and operational AI will depend on how well we close the gap between expectation and reality. That is why I am here, and that is why these conversations matter. 

What I heard on day one was not hype. It was a clear signal that the industry is hungry for tools that are ready for real workloads, frameworks that reduce risk instead of adding to it, and clarity on how agentic systems will evolve past demos. AWS has the scale and the influence to move those conversations forward. This week will show how far that momentum can carry. 

— Jo Peterson, Founder & Principal Analyst
Cleartech research