AWS INCIDENT RESPONSE - Automate Containment
The NIST incident response framework has 4 steps, including one for containment. Because AWS is API-enabled, a lot of incident response activity can be automated, especially containment.
In this episode, Damien Burks spoke about his @fwdcloudsec talk, where he shared how he automated incident response in the AWS environments of Citi.
Questions asked:
00:00 Introduction
00:13 A word from our sponsors - Snyk.io/csp
01:16 A bit about Damien Burks
02:24 Incident Response in the cloud context
03:50 Is incident response different in the cloud?
05:22 Average time for an incident response
07:33 AWS services for incident response automation
08:55 AWS EventBridge
11:56 The phases of incident response
13:42 Containment Phase: Starting point and challenges
17:54 Organisation with Multiple Accounts
20:09 How to structure the process
21:04 Containment for EC2 instance
23:54 Enjoying this cloud security topic so far?
25:17 Containment for S3 Bucket
27:57 Where to start with incident response
30:18 Preparing for Incidents
32:08 Fun Questions
--------------------------------------------------------------------------------
📱Cloud Security Podcast Social Media📱
_____________________________________
Twitter: https://twitter.com/CloudSecPod
Facebook: https://www.facebook.com/CloudSecurityPodcast
LinkedIn: https://www.linkedin.com/company/Cloud-security-podcast
Website: https://cloudsecuritypodcast.tv/
#cloudsecurity #awssecurity #incidentresponse
Video "AWS INCIDENT RESPONSE - Automate Containment" from the Cloud Security Podcast channel
Video information
July 5, 2023, 23:00:09
00:37:09