SANS 2021 features 30+ Interactive Courses, Three NetWars Tournaments, Trivia Night, and Bonus Talks! Save $150 thru 3/3.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

JumpStart Guide for Security Information and Event Management (SIEM) in AWS

  • Wednesday, August 28, 2019 at 1:00 PM EDT (2019-08-28 17:00:00 UTC)
  • J. Michael Butler, David Aiken, Jay Austad


  • AWS Marketplace
  • Optiv

You can now attend the webcast using your mobile device!



Security information and event management plays an important role in collecting data on network assets and traffic. That information can then be funneled through security orchestration and automation and response (SOAR) systems to protect network environments both on-premises and in the cloud. This pre-recorded webcast provides guidance on the key issues to consider when choosing SIEM or SOAR products for integration on the AWS platform and suggests a process for making such important decisions.

Attendees at this webcast will learn about:

  • Cloud design considerations affecting the selection and use of SIEM and SOAR technologies
  • Needs and capabilities associated with SIEMs or SOARs with respect to bandwidth, performance affects, logging capabilities and more
  • Key business, technical and operational considerations for SIEM/SOAR implementation
  • Key AWS-specific considerations for enabling effective logging, endpoint protection, forensics, automation and reporting through SOAR systems
  • Process for making an informed decision about products to integrate.

Register for this webcast to be among the first to receive the associated whitepaper written by SANS Analyst and cybersecurity specialist J. Michael Butler.

Speaker Bios

J. Michael Butler

J. Michael Butler is a SANS analyst who has also written SANS security training courseware and audited certification test questions; presents thought-provoking webcasts; and writes position papers, articles and blogs. He is an information security consultant with a leading provider of technical services for the mortgage industry, where he is involved in migration of assets to the cloud. Mike's responsibilities have included computer forensics, incident response, enterprise security incident management planning, internal auditing of information systems and infrastructure, information security policies, service delivery and distributed systems support. He holds the GCFA, GCIH, CISA, GSEC and EnCE certifications.

David Aiken

David Aiken is a Solutions Architect Manager at AWS Marketplace and is an AWS Certified Solutions Architect. He leads a team of specialist SA’s that help customers implement security and governance best practices. His skills include cloud computing, enterprise architecture, agile methodologies, web services, and software design and development. David has also worked as a product manager, technical specialist, and architect evangelist.

Jay Austad

Jay Austad brings more than 20 years of experience in network architecture, infrastructure, automation, strategic planning, and security with more than 500 enterprise clients to his role as Vice President of Orchestration and Automation at Optiv. His efforts are focused around service delivery, product development, and technical innovation with SOAR, DevSecOps, and Robotic Process Automation in the area of Cyber Digital Transformation (CDx), which includes cloud, data analytics, automation, and product security (ICS/IOT).

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.