AWS Security & Product Push

AWS staffed booth S‑0466 at RSAC 2026 with three interactive demo kiosks and ran four deep‑dive security sessions including "Privacy by Design in the AI Era" on March 23, 2026. (aws.amazon.com) IAM Access Analyzer can generate fine‑grained IAM policies from up to 90 days of AWS CloudTrail activity to replace broad permissions, and its documentation was updated March 26, 2026. (docs.aws.amazon.com) AWS prescriptive guidance and community benchmarks point to specific baselines — KMS‑backed encryption for data at rest, organization‑wide CloudTrail, and AWS Config checks are listed as core controls in the AWS security checklist and CIS AWS Benchmarks. (d1.awsstatic.com) On the RSAC floor vendors pitched automation that compresses investigations from hours to seconds, with SentinelOne unveiling Purple AI Auto Investigation and claiming Observo integration can cut pre‑ingestion data noise by up to 80%. (channelinsider.com) Market offerings shown at RSAC emphasize workload‑level protection for function‑based apps — Xcitium lists a CNAPP for marketplace deployment and Aqua documents serverless risks such as over‑provisioned permissions with tooling to flag unused roles. (aws.amazon.com) FinOps and security are converging in guidance and tooling: the FinOps Foundation refreshed its 2026 framework on March 19 to expand FinOps scope, analysts point to AWS budget overrun forecasts as cost‑and‑security guardrails, and CIO published practical integration tips for SecOps/FinOps collaboration. (finops.org) Amazon’s infrastructure pivot is material: company filings and press reporting document a roughly $200 billion 2026 capex plan driven largely by AWS, while a separate Amazon commitment to expand AI/supercomputing for U.S. government customers tops out at about $50 billion to add nearly 1.3 gigawatts of capacity; contemporaneous profiles cite AWS CEO Matt Garman as a key architect of the push. (bloomberg.com)