Red Teaming AWS: Practice What You Preach

Building a culture of security is a journey that never ends, but this is a story of how one started. In a previous life working at a Cloud Native consultancy, we were experts on software delivery, but security was a skillset we rapidly needed to grow and cultivate.

To that end we conducted a surprise red team exercise targetting our AWS environment, by:

  • Planning a fake company day and making an unanounced assault on our infrastructure
  • Tapping communication lines so we could maintain a steady level of challenge
  • Driving all actions through our most junior members
  • And having a lot of fun

Learn how we built an enduring security culture that continues to grow and mature, and has become part of the company folklore. Culture is shaped through action not rhetoric, and if you want truly unlock DevSecOps there are few ways better than this.



Josh Armitage


Known for a booming voice and distinct lack of a sense of humour, Josh works as a consultant after spending time with everything from mainframes to machine learning and kubernetes. Having