homepage
Open menu
Contact Sales

SANS 2023: Hands-On Cloud Security Workshop: Building Detections in AWS

  • Monday, 03 Apr 2023 7:15PM EDT (03 Apr 2023 23:15 UTC)
  • Speaker: Ryan Nicholson

As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, which is a follow-on from the talk “Building Better Cloud Detections... By Hacking? (AWS Edition)“, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our AWS environments. The overall process and takeaways will be:

  • Establish proper logging to detect the adversarial activity
  • Perform the attack to generate the appropriate artifacts
  • Review the log event data
  • Create an automated process to quickly discover this activity
  • Test that the automated process is working effectively by “re-attacking” the AWS account

Prerequisites: An AWS account with administrator access

System Requirements: A modern web browser

Login to Register
Generic_Webcast.jpg

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
cloudsecnext_blog_image.png
Cloud Security, DevSecOps
A Visual Summary of SANS CloudSecNext Summit 2023
SANS CloudSecNext Summit was hybrid event for the cloud security community. Check out these graphic recordings of the talks created in real-time.
370x370-person-placeholder.png
Alison Kim
read more
Blog
Blog_-_SEC568_-_Approaching_the_Software_Supply_Chain_-_340x340.jpg
Cyber Defense
SEC568: Approaching the Software Supply Chain like Jack Byrnes
Keep your circle of trust secure with product security testing
370x370_douglas-mckee.jpg
Douglas McKee
read more