
#93 - The DevSecOps Perspective: Key Takeaways From Re:Invent 2025
From The DevSecOps Talks Podcast by Mattias Hemmingsson, Julien Bisconti and Andrey Devyatkin
March 5, 2026 · 28 min · Episode 93
About this episode
Andrey and Mattias deliver a security-heavy recap of AWS re:Invent 2025 announcements.
Andrey and Mattias share a fast re:Invent roundup focused on AWS security. What do VPC Encryption Controls, post-quantum TLS, and org-level S3 block public access change for you? Which features should you switch on now, like ECR image signing, JWT checks at ALB, and air-gapped AWS Backup? Want simple wins you can use today? We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel Summary In this episode, Andrey and Mattias deliver a security-heavy recap of AWS re:Invent 2025 announcements, while noting that Paulina is absent and wishing her a speedy recovery. Out of the 500+ releases surrounding re:Invent, they narrow the list down to roughly 20 features that security-conscious teams can act on today — covering encryption, access control, detection, backups, container security, and organization-wide guardrails. Along the way, Andrey reveals a new AI-powered product called Boris that watches the AWS release firehose so you don't have to. Key Topics AWS re:Invent Through a Security Lens The hosts frame the episode as…
People in this episode
Hosts: Andrey Devyatkin, Mattias Hemmingsson
Topics covered
- AWS security
- VPC Encryption Controls
- post-quantum TLS
- S3 block public access
- ECR image signing
- JWT checks at ALB
- air-gapped AWS Backup
Keywords
- AWS re:Invent
- security
- encryption
- access control
- container security
- AI-powered product
- Boris
Mentioned in this episode
Organizations: AWS
Products: Boris
More episodes of The DevSecOps Talks Podcast
- #102 - The 90-Day Patch Window Is Dead With Ian Amit And Matias Madou · June 5, 2026 · 51 min
- #101 - Infrastructure as Code in 2026: Still Essential or Already Changing? · June 4, 2026 · 38 min
- #100 - 100 Episodes Later: What Still Matters in DevSecOps · May 7, 2026 · 41 min
- #99 - AI SRE and the End of 3 AM On-Call · April 28, 2026 · 48 min
- #98 - Beyond AI SRE · April 21, 2026 · 37 min
- #97 - Shift Left, Get Hacked: Supply Chain Attacks Hit Devs · April 15, 2026 · 36 min
Explore listener stats, chart rankings, contacts and more on the The DevSecOps Talks Podcast podcast page.