AWS INCIDENT RESPONSE - Automate Containment
Cloud Security Podcast5 Heinä 2023

AWS INCIDENT RESPONSE - Automate Containment

Cloud Security Podcast - NIST Incident response framework has 4 steps including one for Containment. AWS Incident Response being API enabled allows for automating a lot of incident response activity especially containment. In this episode with Damien Burks (⁠Damien - Linkedin⁠) spoke about his @fwdcloudsec talk where he shared how he automated Incident Response in AWS environments of Citi. There were lot more gems dropped so def check out the episode.


Episode YouTube Video - https://youtu.be/IrLuHMLQs_w


Host Twitter: Ashish Rajan (⁠⁠⁠@hashishrajan⁠⁠⁠)

Guest Socials: Damien Burks (Damien - Linkedin)

Podcast Twitter - ⁠⁠⁠@CloudSecPod⁠⁠⁠ ⁠⁠⁠@CloudSecureNews⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

- ⁠⁠⁠Cloud Security News ⁠⁠⁠

- ⁠⁠⁠Cloud Security BootCamp⁠⁠⁠


Spotify TimeStamp for Interview Questions

A word from our sponsors - you can visit them on ⁠⁠⁠snyk.io/csp⁠⁠⁠

(00:00) Introduction (00:13) A word from our sponsors - Snyk.io/csp (01:16) A bit about Damien Burks (02:24) Incident Response in the cloud context (03:50) Is incident response different in the cloud? (05:22) Average time for an incident response (07:33) AWS services for incident response automation (08:55) AWS Eventbridge (11:56) The phases of incident response (13:42) Containment Phase: Starting point and challenges (17:54) Organisation with Multiple Accounts (20:09) How to structure the process (21:04) Containment for EC2 instance (23:54) Enjoying this cloud security topic so far?

(25:17) Containment for S3 Bucket (27:57) Where to start with incident response (30:18) Preparing for Incidents (32:08) Fun Questions

See you at the next episode!

Jaksot(345)

Azure Security Best Practices for Cloud Architects - John Savill

Azure Security Best Practices for Cloud Architects - John Savill

In this episode of the Virtual Coffee with Ashish edition, we spoke with John Savill (Linkedin_John Savill) is the Principal Cloud Architect, Author and YouTuber. Host: Ashish Rajan - Twitter @hashi...

21 Maalis 202157min

WHAT IS INFRASTRUCTURE AS CODE SECURITY? - Barak Schoster

WHAT IS INFRASTRUCTURE AS CODE SECURITY? - Barak Schoster

In this episode of the Virtual Coffee with Ashish edition, we spoke with Barak Schoster Goihman (@barakschoster) is the Co-Founder and CTO of Bridgecrew (@Bridgecrewio). Host: Ashish Rajan - Twitter...

14 Maalis 202138min

INCIDENT RESPONSE IN AWS CLOUD

INCIDENT RESPONSE IN AWS CLOUD

In this episode of the Virtual Coffee with Ashish edition, we spoke with Toni de la Fuente (@toniblyx) is the Senior Security Consultant at AWS (@AWSCloud) and author of Prowler - AWS Security Tool. ...

7 Maalis 202145min

How to become a CLOUD SECURITY ENGINEER IN 2021?

How to become a CLOUD SECURITY ENGINEER IN 2021?

In this episode of the Virtual Coffee with Ashish edition, we spoke with Nicholas McLaren (Linkedin - nmclarencys) is the Cloud Security Engineer, ByteChek(@Bytechek). Host: Ashish Rajan - Twitter @...

28 Helmi 202147min

Kubernetes Security at Scale in A CI/CD Pipeline - Michael Fraser

Kubernetes Security at Scale in A CI/CD Pipeline - Michael Fraser

In this episode of the Virtual Coffee with Ashish edition, we spoke with Michael Fraser (@itascode) is the Chief Architect, Co-Founder at refactr (@RefactrIT). Host: Ashish Rajan - Twitter @hashishr...

21 Helmi 202156min

Container Security in AWS at Scale - Ben Tomhave

Container Security in AWS at Scale - Ben Tomhave

In this episode of the Virtual Coffee with Ashish edition, we spoke with Ben Tomhave (Linkedin - @btomhave) is the Principal, Falcon’s View Consulting (@FalconsView). Host: Ashish Rajan - Twitter @h...

14 Helmi 202153min

CISO Challenges in 2021 - Zane Lackey Signal Sciences, Fastly

CISO Challenges in 2021 - Zane Lackey Signal Sciences, Fastly

In this episode of the Virtual Coffee with Ashish edition, we spoke with Zane Lackey, CISO & Co-Founder Signal Sciences, which is now owned by Fastly. Host: Ashish Rajan - Twitter @hashishrajan Gue...

10 Helmi 202151min

Cloud Security in $25 Billion dollar Company - Siemens USA

Cloud Security in $25 Billion dollar Company - Siemens USA

In this episode of the Virtual Coffee with Ashish edition, we spoke with Kurt John, Chief CyberSecurity Officer CISO at Siemens USA Host: Ashish Rajan - Twitter @hashishrajan Guest: Kurt John - Lin...

7 Helmi 202154min