How to Build an Effective Cloud Threat Intelligence Program in the AWS Cloud

  • Tuesday, 09 Feb 2021 1:00PM EST (09 Feb 2021 18:00 UTC)
  • Speakers: Dave Shackleford, Nam Le

Learn how to improve your Cloud Threat Intelligence (CTI) program by gathering critical cloud-specific event data, relevant types of indicators of compromise (IoCs), and adversarial tactics, techniques, and procedures (TTPs). Tailoring your CTI program to your company's processes, workflows, and security investments allows you to reduce risk and accelerate the resolution of security events with actionable context and minimal noise.

In this prerecorded webcast, SANS and AWS Marketplace will discuss CTI detection and prevention metrics, finding effective intelligence data feeds and sources, and determining how best to integrate them into security operations functions. '

Attendees at this webcast will learn how to:

* Understand cloud-specific data sources for threat intelligence, such as static indicators and TTPs.

* Efficiently search for compromised assets based on indicators provided, events generated on workloads and within the cloud infrastructure, or communications with known malicious IP addresses and domains. '

* Place intelligence and automation at the core of security workflows and decision making to create a comprehensive security program.

Register today to be among the first to receive the associated whitepaper written by SANS senior instructor and cloud security expert Dave Shackleford.