Tech Tuesday Workshop – Cloud Attacks and Incident Response

  • Tuesday, 09 Nov 2021 1:00PM EST (09 Nov 2021 18:00 UTC)
  • Speaker: Joshua Wright

Attackers evolve to exploit new opportunities, including attacks against cloud systems. As defenders, we also need to evolve, developing new skills and understanding in how attackers exploit cloud platforms, and how we should respond to these incidents.

In this Tech Tuesday workshop you will preview the new SANS SEC504 Hacker Tools, Techniques and Incident Handling course with a look at three modules on cloud attacks and cloud incident response. With hands-on exercises, you'll work on scanning vast ranges of cloud targets to discover shadow cloud systems, you'll see how attackers discover and enumerate cloud storage systems, and you'll look at an end-to-end attack against a cloud deployment to practice your incident response skills.

Prerequisites: None

Prior to the workshop: Download the Cloud Attacks and Incident Response workshop virtual machine. Double-click on the OVA file to import the VM with VMware. Boot the VM after import, then login with the username sec504 and the password sec504.
Please note, we will not be able to troubleshoot or support local VM issues. It is highly encouraged that you download and verify login to the VM before the workshop.

System Requirements:

  • VMware to launch a customized Slingshot Linux distribution (VMware Workstation Pro, VMware Workstation Player, or VMware Fusion for macOS; trial versions of all three are available, and VMware Workstation Player is available for free for non-commercial use.)
  • 30 GB free hard drive space 
  • At least 8 GB RAM