AWS INCIDENT RESPONSE - Automate Containment
Cloud Security Podcast5 Heinä 2023

AWS INCIDENT RESPONSE - Automate Containment

Cloud Security Podcast - NIST Incident response framework has 4 steps including one for Containment. AWS Incident Response being API enabled allows for automating a lot of incident response activity especially containment. In this episode with Damien Burks (⁠Damien - Linkedin⁠) spoke about his @fwdcloudsec talk where he shared how he automated Incident Response in AWS environments of Citi. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/IrLuHMLQs_w


Host Twitter: Ashish Rajan (⁠⁠⁠@hashishrajan⁠⁠⁠)

Guest Socials: Damien Burks (Damien - Linkedin)

Podcast Twitter - ⁠⁠⁠@CloudSecPod⁠⁠⁠ ⁠⁠⁠@CloudSecureNews⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠Cloud Security News ⁠⁠⁠

- ⁠⁠⁠Cloud Security BootCamp⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠snyk.io/csp⁠⁠⁠

(00:00) Introduction (00:13) A word from our sponsors - Snyk.io/csp (01:16) A bit about Damien Burks (02:24) Incident Response in the cloud context (03:50) Is incident response different in the cloud? (05:22) Average time for an incident response (07:33) AWS services for incident response automation (08:55) AWS Eventbridge (11:56) The phases of incident response (13:42) Containment Phase: Starting point and challenges (17:54) Organisation with Multiple Accounts (20:09) How to structure the process (21:04) Containment for EC2 instance (23:54) Enjoying this cloud security topic so far?

(25:17) Containment for S3 Bucket (27:57) Where to start with incident response (30:18) Preparing for Incidents (32:08) Fun Questions

See you at the next episode!

Jaksot(345)

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

CSO Hall of Fame - 21 yrs in Cybersecurity: Challenges THEN & NOW

In this Mid Week special episode of the CISO Perspective edition, we spoke with Andy Ellis (@csoandy) is the Operating Partner at YL Ventures (@YLVentures) and the ex-CISO of Akamai (@Akamai). Episode...

10 Kesä 202142min

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

Finding and Fixing SECURITY BUGS IN GOOGLE CLOUD - Dylan Ayrey

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dylan Ayrey (@insecurenature) is a Professional Hacker and Co-Founder of Truffle Security (@TruffleSecurity-Linkedin) Episode S...

6 Kesä 20211h 1min

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

Attacking and Defending Managed Kubernetes Clusters - Brad Geesaman

In this episode of the Virtual Coffee with Ashish edition, we spoke with Brad Geesaman (@bradgeesaman) is a Senior Cloud Native and Kubernetes Security Professional and the Co- Founder of Darkbit (@Da...

30 Touko 202159min

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

Kubernetes Runtime Threat Detection and Response - Falco, Sysdig

In this episode of the Virtual Coffee with Ashish edition, we spoke with Dan “POP“ Papandrea (@danpopnyc) is the CNCF Ambassador, Director of Open Source Community and Ecosystem (@sysdig) and Podcast ...

23 Touko 202152min

Study Hall - Attacking K8S Cluster Defaults!

Study Hall - Attacking K8S Cluster Defaults!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For...

20 Touko 202125min

Start here for Kubernetes Security - Magno Logan

Start here for Kubernetes Security - Magno Logan

In this episode of the Virtual Coffee with Ashish edition, we spoke with Magno Logan (@MagnoLogan) is the Security Researcher, Trend Micro(@TrendMicro) Episode ShowNotes, Links and Transcript on Cloud...

16 Touko 202158min

Study Hall - Kubernetes Concepts and Architecture Explained!

Study Hall - Kubernetes Concepts and Architecture Explained!

In this Study Hall - Ashish goes through Kubernetes Components to start understanding the Kubernetes Architecture READ the Multi-part Medium Article here - Ultimate Guide to Kubernetes Security For ...

12 Touko 202119min

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

Risk Analysis of Kubernetes Security - Mark Manning, Snowflake

In this episode of the Virtual Coffee with Ashish edition, we spoke with Mark Manning (@antitree) is the Principal Security Architect at Snowflake(@SnowflakeDB). Before this he used to run Kubernetes ...

9 Touko 202149min