On the Ground at AWS re:Inforce: Top 5 Cloud Security Takeaways

As someone who is deeply connected to SUSE’s cloud partnerships, my time on the ground at AWS re:Inforce 2025 was incredibly insightful. The event showcased the accelerating pace of innovation in cloud security, with a strong focus on technical learning and demonstrations. At SUSE we are dedicated to streamlining security and compliance for Amazon EKS and implementing Zero Trust for Kubernetes and the keynotes and discussions offered invaluable perspectives. 

At every turn, I was reminded of SUSE’s leadership in cloud security and how we are driving key innovation and adding value to our customers based on the key themes that emerged from the show.

Here are the top 5 key takeaways from the event:

1. Zero-Trust Architectures are Essential

A major theme was the strong push toward Zero-Trust security models, moving from traditional perimeter security to a “never trust, always verify” approach. This extends security to data, applications, and microservices, especially in distributed cloud environments and with remote workforces. AWS showcased new tools for granular access controls and continuous identity/device verification like the IAM and IAM Identity Center for managing temporary credentials and eliminating over-privileged root access, as well as the expansion of MFA enforcement for member account group users This aligns perfectly with SUSE Security and how its deep packet inspection and behavioral-based Zero-Trust capabilities enable organizations to enforce Zero-Trust network access, even for East-West traffic within Kubernetes clusters, providing crucial application-level awareness. Our ability to create automated policies based on learned application behavior directly addresses the complexity of implementing Zero-Trust at scale.

2. Software Supply Chain Security is Critical

The keynote highlighted the increasing vulnerabilities within the software supply chain. AWS introduced initiatives to enhance the security of development pipelines, including image scanning, vulnerability management, and ensuring the integrity of open-source components. The key message: securing what you build is just as vital as securing where you run it. This presents a prime opportunity to showcase SUSE Rancher Prime’s Application Collection and Kubewarden. The Application Collection offers curated, trusted, and hardened images, directly addressing the need for secure components. Furthermore, Kubewarden’s Cluster Operator admission control rules, integrated with CI/CD pipelines, allow for policy enforcement and validation before applications are deployed, reinforcing the layered security approach AWS promoted for the software supply chain. SUSE helps secure the entire container lifecycle. 

3. Generative AI Security:

It’s no surprise that Generative AI was a key topic, emphasizing the critical need for robust security around AI workloads, training data, and AI agents. AWS showcased new services focused on data privacy and model integrity for AI development and deployment. SUSE Rancher Prime offers a secure and compliant Kubernetes platform for deploying and managing AI applications, and SUSE Security can monitor and protect these containerized AI workloads at runtime from known and unknown threats. Our ability to secure Amazon EKS is particularly relevant as many AI workloads are containerized, a point highlighted by SUSE AI presence in our re:Inforce print materials.

4. Cloud Security is Expanding to the Edge:
Securing workloads at the edge is increasingly critical. As more data processing and applications move closer to the source, AWS stressed the need for consistent security policies across cloud, on-premises, and edge environments. This expansion offers opportunities for enhanced responsiveness and resilience. 

5. Automation and Observability Simplify Security Operations
A consistent message at AWS re:Inforce was the importance of simplifying security operations through increased automation and comprehensive observability. AWS demonstrated services and integrations designed to automate compliance, enhance insights into security events, and streamline incident response, ultimately reducing manual effort and improving threat detection. 

SUSE Cloud Observability, integrated with SUSE Rancher Prime, directly supports this critical theme. Our observability solution provides full-stack monitoring, alerting, and root cause analysis for containerized workloads, enabling faster troubleshooting and proactive threat mitigation. The single pane of glass management offered by SUSE Rancher Prime, which unifies security and operations, aligns with the call for simplified security management. SUSE Security, deployed as a cloud-native application, enables rapid security deployment and automates security-as-code for policy enforcement and comprehensive workload protection from pipeline to production and data center to the edge. This helps customers achieve greater operational efficiency and a stronger security posture by automating and streamlining their cloud-native environments. 

These event key takeaways underscore the profound relevance of SUSE’s portfolio, which directly addresses each of these critical areas. Ultimately, the event reinforced that SUSE is uniquely positioned to empower organizations to secure their critical Kubernetes workloads on AWS, delivering robust and compliant solutions in this dynamic cloud landscape.

AWS re:Inforce 2025 clearly established that cloud security is a top priority and a rapidly advancing field, emphasizing themes like Zero-Trust, securing the software supply chain, AI security, expanding to the edge, and simplifying operations through automation and observability.

To learn more about SUSE Security solutions on AWS, reach out to cloudsales@suse.com. Curious to see our products in action? Register for a free live demonstration applying Zero-Trust security to Kubernetes. To learn more about SUSE Security solutions on AWS, reach out to cloudsales@suse.com. Curious to see our products in action? Register for a free live demonstration applying Zero-Trust security to Kubernetes.