AWS re:Inforce Home
Subscribe

Generative AI

AWS re:Inforce 2024 content is designed to help prepare security professionals for the challenges and demands of the generative AI era.
Learn more
Keynote
Generative AI
Innovation Talks
Breakout content
Session catalog
Expo
Attendee guides
Interactive Training
Community
All Builders Welcome
Agenda
Sponsors
Venue
Mobile app
FAQs
Background image

Governance & compliance

This guide is for AWS re:Inforce attendees who are involved with governance, risk and compliance (GRC) activities for their organizations.

Teri Radichel

Teri Radichel

CEO, 2nd Sight Lab

 

As an AWS Security Hero, I help organizations reduce risk via penetration tests and security assessments. Understanding the configuration and architecture of your AWS environment and related vulnerabilities or liabilities and associated risk is at the core of GRC. But how do you track and manage all those configurations?

 

Leveraging AWS services and automation can help you with some of the most challenging aspects of GRC, which include:

 

  • Balancing compliance with the ability for organizations to deliver on business goals.
  • Reducing the frequency and/or impact of attacks.
  • Providing timely and accurate data for risk-based decision-making.
  • Using actionable data that has clear next steps to reduce risk.
  • Identifying findings to remediate them before an audit or assessment.
  • Preventing non-compliant configurations altogether.

There are so many great sessions at AWS re:Inforce 2024, but this guide includes some that can help with your GRC objectives.

 

Breakout sessions
Chalk talks
Lightning talk
Workshops
Session Type

Breakout sessions

GRC201 | Cloud compliance journey: Compliance and audits

Level 200 — Intermediate

Get a general overview of compliance on AWS with this session that broadly covers the topic of compliance audits on AWS, and how you might approach them using AWS tools.

Learn more

GRC301 | Automation in action: Strategies for risk mitigation

Level 300 — Advanced

Manual processes for risk management in large organizations often become bottlenecks or are simply bypassed. This session demonstrates tools to help solve those problems.

Learn more
Session Type

Chalk talks

GRC335 | Govern costs in a multi-account environment

Level 200 — Advanced

Costs can quickly get out of hand if you don’t have governance for cost control in your cloud environment. This chalk talk provides some ideas for maintaining cost control using AWS Control Tower and AWS Organizations.

Learn more

GRC331 | Architecting AWS accounts for scale

Level 300 — Advanced

As I’ve explained on my blog, deploying separate accounts for trust boundaries is often easier than configuring the complex policies required to segregate resources in a single account. Learn how in this chalk talk.

Learn more

GRC232 | Getting ahead of risk: Scalable approaches for your business

Level 200 — Intermediate

Learn about managing risk down to the individual application layer with tools like myApplications and AWS Security Hub.

Learn more
Session Type

Lightning talk

GRC321 | Patterns to securely manage your AWS services with Meta

Level 300 — Advanced

Clients often ask me on consulting calls, "What is everyone else doing?" This lightning talk helps answer that question with real-world case studies from AWS customers.

Learn more
Session Type

Workshops

GRC372 | Set up a secure AWS environment with AWS Control Tower

Level 300 — Advanced

If you haven't looked at AWS Control Tower yet, here’s your chance to evaluate it for your business with a hands-on workshop. The concepts are critical to effective GRC on AWS.

Learn more

APS374 | Enhancing software supply chain security: SBOMs, signing, slimming

Level 300 — Advanced

Though not specifically in the GRC category, understanding SBOMs and supply chain threats is a critical component of any risk management strategy. This one of multiple sessions on the topic.

Learn more
Home of AWS re:Inforce
June 16–18, 2025 | Philadelphia, PA

Thank you for subscribing to re:Inforce updates.

Join the AWS Cloud community

Learn about AWS

What is AWS? AWS security blog AWS Merch Store

Resources

FAQs Plan your trip Justify your trip Sponsors Sustainability

Help

Contact us Accessibility services Code of conduct Terms & conditions

Privacy • Site Terms • Cookie Preferences • © 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.