Performing incident response in the cloud is different from a strictly on-premise IR. Learn the ins and outs of the uniqueness of performing an IR in AWS. We will be covering performing IR with native AWS services and technologies such as GuardDuty, Security Hub, Detective, Macie, Inspector, and a selection of open-source tools. We will also cover forensics preservation and cloud evidence management techniques. Learn how to bring your incident response analysis and skills into the cloud, closer to the breech.
Incident Handling in the Cloud with AWS
September 22nd - 24th, 11:00 AM - 2:00 PM EDT
Premium & Business Subscribers Get Unlimited Access to All Bootcamps or They Can Be Purchased Separately.
ABOUT THE INSTRUCTOR
Jason began his cyber security career more than two decades ago when he accepted a position as a systems administrator. Over the course of the next 20 years, he held a variety of roles including network administrator, systems engineer, senior security operations specialist, senior DFIR consultant, and more. A constant throughout his career has been his belief in sharing knowledge and creating opportunities for cyber security professionals. One way he lived by this philosophy was by working as a Cyber Security Lead Faculty and Program Coordinator where he taught nearly one dozen degree and certificate programs. Jason is a GIAC Certified Forensic Analyst and an active member of the Dallas Hackers Association, North Texas ISSA, FBI Infragard, and North Texas Cyber Security Group. In addition to his passion for all things cyber security, he is an award-winning homebrewer, an active volunteer, and a gamer! You may contact Jason at firstname.lastname@example.org.
DAY 1 11 AM - 2 PM EDT
- Overview of AWS Services
- Preparation for Incident in the Cloud
- Incident Identification and Analysis
DAY 2 11 AM - 2 PM EDT
- Containment and Eradication
- Endpoint Analytics
DAY 3 11 AM - 2 PM EDT
- Incident Recovery
- Wrap up
- Closing Remarks & Recommendations