Building Better Cloud Detections... By Hacking? | AWS Edition



As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our AWS environments. The overall process and takeaways will be:

  • Establish proper logging to detect the adversarial activity
  • Perform the attack to generate the appropriate artifacts
  • Review the log event data
  • Create an automated process to quickly discover this activity
  • Test that the automated process is working effectively by "re-attacking" the AWS account

Speaker and Presenter Information

Ryan Nicholson

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:


Event Type
Webcast


When
Tue, Mar 14, 2023, 10:00am ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results