From June 16–18, we took part in AWS re:Inforce in Philadelphia — one of the most relevant cloud security events of the year. Represented by our Head of Tech in Cybersecurity, Esteban Sandoval, we joined hundreds of peers from around the world — including a strong LATAM community — to dive into the latest developments in threat detection, compliance automation, incident response, and more. 

Here are some key takeaways directly from the sessions and discussions Esteban attended: 

 1) Incident response: smarter, faster, more strategic

Three standout sessions focused on improving response time and decision-making during security incidents. These included: 

• Using Honeypots with AWS Lambda and WAF to detect and analyze attacker behavior — helping teams focus their security efforts where they matter most. 

• Best practices for containing AWS resources quickly and effectively to minimize intruder actions during an active breach. 

• A builder session on automating responses to Security Hub findings, featuring hands-on labs to explore highly automated isolation and forensic workflows. 

These sessions reinforced the importance of real-time visibility and automated containment when responding to evolving threats. 

2. Major Improvements in AWS SecurityHub, ACM, WAF & GuardDuty

During the keynote, AWS announced exciting enhancements: 

• SecurityHub dashboards now offer deeper visibility into threat exposures — cementing its evolution toward a full Cloud Security Posture Management (CSPM) solution. 

• AWS Certificate Manager (ACM) now supports exportable public certificates, addressing a long-standing request from the security community. 

• A simplified WAF console makes it easier for development teams to take ownership of tuning web application firewalls — enabling more agile security workflows. 

• Amazon GuardDuty has extended its threat detection coverage to EKS clusters — helping detect sophisticated, multi-stage attacks by correlating signals across Kubernetes audit logs, runtime behaviors, and AWS API activity. 

3. Generative AI: streamlining security operations

AI wasn’t just a buzzword — we saw hands-on examples of how Amazon Q Developer, paired with AWS Config, can now: 

• Build automated compliance checks 

• Remediate policy violations 

• Generate detailed audit reports 

This is a major leap forward in automating compliance management and reducing operational overhead. 

At Pyxis, we help organizations evolve their cybersecurity strategy by combining technical expertise, regulatory insight, and business context. Whether you’re looking to strengthen incident response, automate compliance, or scale Zero Trust architectures — we’re here to help. 

Curious how we can support your cloud security journey? Let’s talk