AWS Security Jam, what and why?

In this post, I share my experience participating in the AWS Security Jam.

During November 2023, for the first time, I participated in both in-person and online AWS Security Jam. I found the time invested to be truly worth it.

AWS Jam 

During an AWS Jam event, individuals or teams are given the chance to apply their skills in solving real-world AWS use cases and scenarios. The goal is to learn about cloud best practices in a gamified learning environment. Participants are provided with access to AWS Management Console sandbox to solve hands-on challenges. Challenges teach AWS best practices around security, machine learning, DevOps, database, networking, and more. 

AWS Security Jam 

During AWS Security Jam, participants typically engage in a series of hands-on labs and challenges that simulate real-world security scenarios. These scenarios cover various aspects of AWS security, including identity and access management, network security, encryption, monitoring, and incident response. Participants get the opportunity to work with AWS services and tools to implement security best practices and respond to security incidents. 

AWS Security Jam events may be conducted in different formats, including virtual online sessions and in-person workshops. The goal is to help participants deepen their understanding of AWS security services, enhance their practical skills, and stay current with the latest security features and best practices in the AWS ecosystem. 

My experience  

In-person Jam

The in-person Jam experience happened during AWS security day 2023 designed exclusively for the Public Sector to help navigate AWS Security and Compliance. The Jam took about 1.5 hours. I could participate individually or join with other participants to form a team. I opted-in for the team and formed a team with another person sitting besides me. 

In the beginning, the Jam moderator from the AWS team gave an introduction about Jam and how to navigate the lab environment. Then each team could select a challenge to work on. The Jam is a time-based competition. Each challenge has a degree of difficulty with associated points. There are also clues to help solve the challenge, but using the clues comes with negative points. 

We decided to start working on easy challenges. Each of us worked on one challenge, however we still tried to share the learning and solve the challenges together. We managed to solve 2 challenges completely and one challenge partially. 

In retrospect, I think it would be better to solve each challenge together as a team, so there is more focus and collaboration opportunities. It was a good idea to start from easy challenges and move on to more complex challenges. 

The online Jam

The online security Jam happened on a different day and took 3 hours. The format of the participation was individual (teams consist of one person). There was a quick introduction for Jam and registration information in the beginning. 

Having prior experience, it was much faster for me to start working on challenges right away. Except for one challenge, there was no repeated challenge between the two Jams I participated in. 

To give you a clue while not spoiling the experience for others, the challenges were related to topics such as: encrypting S3 buckets with customer managed keys, AWS Config Conformance Packs, incident response, KMS policy, WAF, etc. 

The list of AWS services that I used during the Jam: Redshift, S3, IAM, WAF, CloudWatch Logs, CloudWatch, CloudTrail, Athena, Config, EC2, DynamoDB, Key Management Service, Lambda, Auto Scaling, SSM

No worries if you are not familiar with some of these topics or services. The goal of the Jam is to learn in a hands-on environment. I personally learned many new topics which would help me make better decisions in our AWS environment. Besides learning, I (AlphaBeta) also scored second place among 18. Below is the leaderboard:

[The article is written by me, assisted by AI]