Top Cybersecurity Instructors and Best Offers of the Year Available Now - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Threat Hunting through Log Analysis in AWS

  • Wednesday, July 15, 2020 at 10:30 AM EDT (2020-07-15 14:30:00 UTC)
  • Shaun McCullough

You can now attend the webcast using your mobile device!



This talk will dive headfirst into the logging capabilities that are built into AWS, when to generate your own logs, how to make the best use of them. The talk will also discuss architectural decisions that will improve Threat Hunting and make use of the power of an automated cloud environment.

Speaker Bio

Shaun McCullough

As a hands-on practitioner with a gift for architecture design, Shaun explores the good and bad of how the Cloud is changing the way the industry secures and runs infrastructure. During his 25+ years of experience, Shaun has spent equal parts in security engineer and operations as well as software development. With extensive experience within the Department of Defense, Shaun was the Technical Director of the Red and Blue operations teams, a researcher of advanced host analytics, and ran a threat intelligence focused open source platform based on MITRE ATT&CK. Previously, he was a consultant with H&A Security Solutions, focusing on analytic development, DevOps support, and security automation tooling. Shaun has authored the brand new SEC541: Cloud Monitoring and Threat Hunting and can be found teaching SEC545: Cloud Security Architecture and Operations on a regular basis. Learn more about Shaun here.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.