[INE] INCIDENT HANDLING AND RESPONSE PROCESS FOR AWS CLOUD
Performing incident response in the Cloud is different from a strictly on-premise IR. Learn the ins and outs of the uniqueness of performing an IR in AWS. We will be covering performing IR with native AWS services and technologies such as GuardDuty, Security Hub, Detective, Macie, Inspector, and a selection of open-source tools. We will also cover forensics preservation and cloud evidence management techniques. Learn how to bring your incident response analysis and skills into the Cloud, closer to the breech.
Learn the ins and outs of the uniqueness of performing incident response in the AWS environment. We will be covering performing IR with native AWS services and technologies such as GuardDuty, Security Hub, Detective, Macie, Inspector, and a selection of open-source tools. We will also cover forensics preservation and cloud evidence management techniques.
At the end of this Bootcamp, students will be able to:
• Demonstrate knowledge of AWS evidence sources.
• Preserve evidence in the AWS environment.
• Use Amazon AWS tools to detect threat actor TTPs.
• Perform analysis of AWS network logs using 3rd party tools.
• Demonstrate techniques to locate threat actors in an AWS environment.
RECOMMENDED KNOWLEDGE OR SKILLS PRIOR TO TAKING THIS COURSE
• INE Cloud Fundamentals
• Incident Response Essentials
• Digital Forensics Essentials
ABOUT THE AUTHOR
Jason began, his cyber security career more than two decades ago when he accepted a position as a systems administrator. Over the course of the next 20 years, he held a variety of roles including network administrator, systems engineer, senior security operations specialist, senior DFIR consultant, and more. A constant throughout his career has been his belief in sharing knowledge and creating opportunities for cyber security professionals. One way he lived by this philosophy was by working as a Cyber Security Lead Faculty and Program Coordinator where he taught nearly one dozen degree and certificate programs. Jason is a GIAC Certified Forensic Analyst and an active member of the Dallas Hackers Association, North Texas ISSA, FBI Infragard, and North Texas Cyber Security Group. In addition to his passion for all things cyber security, he is an award-winning homebrewer, an active volunteer, and a gamer! You may contact Jason at email@example.com.