Cloud Security Monitoring

  • Thursday, 20 Jul 2017 1:00PM EDT (20 Jul 2017 17:00 UTC)
  • Speaker: Balaji Balakrishnan

This talk discusses how to apply security log monitoring capabilities for Amazon Web Services (AWS) Infrastructure as a Service(IaaS) cloud environments. It will provide an overview of AWS CloudTrail and CloudWatch Logs, which can be stored and mined for suspicious events. Security teams implementing AWS solutions will benefit from applying security monitoring techniques to prevent unauthorized access and data loss. Splunk will be used to ingest all AWS CloudTrail and CloudWatch Logs. Machine learning models are used to identify the suspicious activities in the AWS cloud infrastructure. The audience for this paper is the security teams trying to implement AWS security monitoring.