A Practical Guide to Threat Hunting across AWS


Details
Our first 2024 Cloud Security Meetup will be at Veracode with Jack Millman from Deliveroo presenting on A Practical Guide to Threat Hunting across AWS. We are looking for a lightning talk speaker - if that is you - feel free to reach out.
Talks:
Lightning Talk: Incident Response in AWS: Get to know Kubernetes Forensics and Why it's Important (Yes, K8s Forensics is Possible!)
As the adoption of Kubernetes continues to surge, understanding how best to investigate and respond to container-based resources becomes crucial to a robust IR plan. In this presentation, James Campbell, CEO and Co-Founder of Cado Security, will delve into the key things you need to know about Kubernetes forensics in AWS. He'll cover:
- The potential risks associated with the rapid adoption of Kubernetes in AWS
- The challenges of investigating such resources in the event of compromise
- A real-life Kubernetes attack example and how best to investigate it step by step
- The value of combining multiple data sources across container, cloud-provider logs, and memory to determine the root cause and scope of Kubernetes-based threats
Main Talk: A Practical Guide to Threat Hunting across AWS
This talk will share a practical guide to beginning your CloudTrail threat hunting journey, examples of threat hunts you could run today and tips on how to make the most of your cloud threat hunting programme.
CloudTrail is the prominent logging service on AWS and maintains a comprehensive record of actions taken across your AWS environment. CloudTrail sees pretty much everything happening on AWS - if your AWS environment has been compromised, the chances are there is a record of it somewhere in CloudTrail.
However, it is often the largest log source that a Security Operations team is faced with, and proactively exploring the sheer volume of these logs for signs of compromise can be overwhelming.
Location:
Veracode Office
36 Queen St,
London EC4R 1BN
Agenda:
6:00PM: Doors Open
6:25PM: Intros
6:30PM: Lightning Talk
6:45PM: Main Talk
RSVP to join us!
Thank you to Veracode, our event sponsor!
Join the community:
Can't make it to the event? Keep up to date with our activities on YouTube & LinkedIn
