Building Better Cloud Detections... By Hacking? | AWS Edition

Tuesday, 14 Mar 2023 10:00AM EDT (14 Mar 2023 14:00 UTC)
Speaker: Ryan Nicholson

As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our AWS environments. The overall process and takeaways will be:

Establish proper logging to detect the adversarial activity
Perform the attack to generate the appropriate artifacts
Review the log event data
Create an automated process to quickly discover this activity
Test that the automated process is working effectively by "re-attacking" the AWS account

This webcast supports the 2-hour hands-on workshop “Building Detection in AWS”. You can register for one, the other, or both.

Login to Register

Related Content

CLD_-_Aviata_Cloud_Solo_Flight_Challenge_-_General_-_Workshop_340_x_340.jpg

Aviata Cloud Solo Flight Challenge

Master cloud security by tackling this free series of workshops.

SANS Cloud Security

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

340x340-Homepage_Inclusions_Cloud_Security_Curriculum.jpg

Cloud Agnostic or Devout?

Why Securing Multiple Clouds Using Terraform is Harder Than You Think