How to Build a Threat Detection Strategy in AWS
Instructor Introduction
• Joseph Holbrook
• Consulting Blockchain Solutions Architect/Trainer/Speaker out of Jacksonville, FL
• Certified Blockchain Solutions Architect (CBSA)
• Certified Blockchain Developer Hyperledger (CBDH)
• Certified Corda Developer
• Certified Google Cloud Platform Cloud Architect and Engineer
• AWS Professional Services Partner - Premier
• Certified AWS Solutions Architect, SysOps and Security
• CompTIA SME – Cloud and Security
• Brocade Distinguished Architect (BDA) 2013
• EMC Proven Professional – Expert – Cloud (EMCCE)
• Published Course Author on Pearson Safari, Udemy, LinkedIn Learning
• Author “Architecting Enterprise Blockchain Solutions” – Wiley November 2019
• Prior US Navy Veteran
Course Introduction
By the end of this course you should be able to understand:
• Shared Security Model
• Introduction to Threat Detection
• Intrusion Detection Systems, Advanced Threat Detection Systems and other security tools that enable a proactive response to threats
• Building a Threat Reduction Strategy
• Cloud Adoption Framework (CAF) Security Perspective Controls
• AWS GuardDuty Monitoring (Demo)
• AWS Security Specialty Certification
• Course Summary
Did You Know?
• In a recent eye-opening study, Threat Stack found that 73% of companies have
at least one critical security misconfiguration, such as remote SSH open to the
entire internet.
• Most security incidents actually occur because of credential theft
(according to the 2018 Verizon Data Breach Investigations Report), not
sophisticated zero-day attacks against cloud providers themselves.
• An AWS S3 bucket name is not a secret, so there are many ways for
an attacker to figure it out. Once the attacker has it, they can steal your data
and expose it to unintended viewers.
• VPC Flow Log entries can be scanned to detect both specific and anomalous
attack patterns.
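An added example, not part of the original slides, of scanning VPC Flow Log entries for one specific pattern (SSH accepted from outside the VPC) and one anomalous pattern (a single outside source rejected on many distinct ports). It assumes the default version 2 record format; the VPC CIDR, the port threshold and the sample records are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Field order of the default (version 2) VPC Flow Log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # assumption: CIDR of the monitored VPC
SWEEP_PORT_THRESHOLD = 5                        # assumption: tune to your own baseline
TCP = "6"                                       # IANA protocol number for TCP

# Constructed sample records (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 203.0.113.12 10.0.1.5 49761 22 6 20 4249 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 203.0.113.12 22 49761 6 18 3900 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.2.9 10.0.1.5 50112 22 6 12 2100 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000060 1700000120 - NODATA
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40001 21 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40002 23 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40003 25 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40004 80 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40005 445 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.77 10.0.1.5 40006 3389 6 1 40 1700000120 1700000180 REJECT OK
2 123456789012 eni-0f9e8d7c 203.0.113.40 10.0.1.8 51515 443 6 1 40 1700000120 1700000180 REJECT OK
"""


def parse(line):
    """Return a dict for a usable record, or None for anything else.

    NODATA/SKIPDATA records carry '-' in the traffic fields, so they are
    dropped here instead of being handed to the detection logic.
    """
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    try:
        rec["src"] = ipaddress.ip_address(rec["srcaddr"])
        rec["dst"] = ipaddress.ip_address(rec["dstaddr"])
        rec["dstport_num"] = int(rec["dstport"])
    except ValueError:
        return None
    return rec


def detect(lines):
    """Scan flow log lines and return both kinds of finding."""
    ssh_from_outside = set()            # (interface, external source)
    rejected_ports = defaultdict(set)   # external source -> rejected dst ports
    for line in lines:
        rec = parse(line)
        if rec is None or rec["protocol"] != TCP:
            continue
        # Inbound means: source outside the VPC, destination inside it.
        inbound = rec["src"] not in VPC_CIDR and rec["dst"] in VPC_CIDR
        if not inbound:
            continue
        if rec["action"] == "ACCEPT" and rec["dstport_num"] == 22:
            # Specific pattern: the security group let SSH in from outside.
            ssh_from_outside.add((rec["interface_id"], rec["srcaddr"]))
        elif rec["action"] == "REJECT":
            rejected_ports[rec["srcaddr"]].add(rec["dstport_num"])
    # Anomalous pattern: one source denied on many different ports.
    sweeps = {src: sorted(ports) for src, ports in rejected_ports.items()
              if len(ports) >= SWEEP_PORT_THRESHOLD}
    return {"ssh_from_outside": sorted(ssh_from_outside), "port_sweep": sweeps}


if __name__ == "__main__":
    for kind, hits in detect(SAMPLE_LOG.splitlines()).items():
        print(kind, hits)
```

The reply leg of the SSH session (source port 22, leaving the VPC) and the VPC-internal SSH connection are deliberately not reported, since neither shows exposure to the internet.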
Shared Security Model
Introduction and benefits of AWS security
• Review the shared responsibility
model and know what the provider
does for security and what the
user is responsible for.
Introduction to Threat Detection
Threat Detection
• Threat detection is the process by which you find threats on your network, your
systems or your applications.
• Malware, viruses, phishing, Trojans, ransomware, permission issues and
backdoors are common.
• APT (advanced persistent threat): the enemy could be hidden for months or more.
• Focus on tactics, techniques, and procedures (TTPs).
Understand what the attackers are after.
• Credentials
• Financial Information
• Health Info/PII
• Corporate Secrets
• Ransom
• Revenge or even corporate image harm
Threat Detection Tools
• SIEMs
• IDS
• NGEN Firewalls
• Endpoints
• Cloud Brokers
• Honeypots
• Analytics
Intrusion Detection Systems, Advanced Threat Detection
Systems and other security tools that enable a proactive
response to threats
• SIEM – Security Hub
• Security Service (uses AI) – Macie
• Security Service (for EC2) – Inspector
• Compliance Tool – Audit Artifacts
• DDoS Protection – Shield
• Monitoring Tool – CloudWatch
• Others such as HSM, FW Manager, Cognito, etc.
Diagram - Fortinet
Diagram - AWS
Building a Threat Reduction Strategy
Identify threats
• Insider
• Outsider
• Kill Chain – 6 Steps
• Kill Chain – 5 Components
Diagram ISC Congress
Cloud Adoption Framework (CAF) Security Perspective Controls
• The AWS CAF provides a framework to help you
structure and plan your cloud adoption journey and
then build a comprehensive approach to cloud
computing throughout the IT lifecycle.
• The CAF provides seven specific areas of focus or
Perspectives: business, platform, maturity, people,
process, operations, and security.
• The Security Perspective captures AWS’s experience
working with enterprise customers on their cloud
adoption journey.
CAF Security Controls
• CAF 101
AWS GuardDuty Monitoring
GuardDuty
Analyzes literally billions of events to identify trends, patterns, and anomalies,
finding behaviors that are recognizable signs that something may be wrong.
Receives input from multiple data streams:
• Several threat intelligence feeds
• Staying aware of malicious IP addresses and domains
GuardDuty searches customer-specified:
• Virtual Private Cloud (VPC) Flow Logs
• AWS CloudTrail
• DNS logs
You can also set a whitelist and a blacklist.
AWS GuardDuty
• Overview
Top 7 AWS Security Services
• AWS Security Center
• AWS GuardDuty
• AWS CloudHSM
• Amazon Inspector
• AWS Key Management Service
• AWS Trusted Advisor
• AWS CloudTrail
AWS Services - Security
AWS Security Specialty Exam
AWS Security Specialization is really focused on best practices, AWS security services
and security controls for workloads on AWS.
Exam info is here: https://aws.amazon.com/certification/certified-security-specialty/
Course Summary
Threat Detection in AWS
Putting it all together
• AWS services can be used in a complementary manner to add capability.
• AWS and security are complementary. The better your security planning is,
the more favorable results you should get out of AWS services.
• AWS has a robust solution set of security-related services.
Resources
• AWS Security Products - https://aws.amazon.com/products/security/
• Security Hub - https://aws.amazon.com/security-hub/
• Landing Zone - https://aws.amazon.com/solutions/aws-landing-zone/
• Fortinet - https://www.fortinet.com/products/public-cloud-security/aws.html
QuickStart Resources - AWS
Thank you and
Questions
Ad

More Related Content

Similar to How to Build a Threat Detection Strategy in the AWS Cloud (10)

AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
Infosec
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
Robert Herjavec
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
East Midlands Cyber Security Forum
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
Faiza Mehar
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Alert Logic
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance   wwps pre-day sao paolo - markry1. aws security and compliance   wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
Amazon Web Services LATAM
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practices
Ahmad Khan
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John Hildebrandt
Helen Rogers
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24
 
AWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certifiedAWS Certified Security - Specialty: What it is and how to get certified
AWS Certified Security - Specialty: What it is and how to get certified
Infosec
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
Robert Herjavec
 
Multi cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCPMulti cloud governance best practices - AWS, Azure, GCP
Multi cloud governance best practices - AWS, Azure, GCP
Faiza Mehar
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Alert Logic
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance   wwps pre-day sao paolo - markry1. aws security and compliance   wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
Amazon Web Services LATAM
 
Top 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practicesTop 10 AWS Security and Compliance best practices
Top 10 AWS Security and Compliance best practices
Ahmad Khan
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
Viresh Suri
 
Security and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John HildebrandtSecurity and Compliance Better on AWS_John Hildebrandt
Security and Compliance Better on AWS_John Hildebrandt
Helen Rogers
 
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24 webinar: cloud providers ate hosting companies' lunch, what's next?...
Outpost24
 

More from Joseph Holbrook, Chief Learning Officer (CLO) (20)

Cloud Computing Opportunities in the Goverment Military Sectors
Cloud Computing Opportunities in the Goverment Military SectorsCloud Computing Opportunities in the Goverment Military Sectors
Cloud Computing Opportunities in the Goverment Military Sectors
Joseph Holbrook, Chief Learning Officer (CLO)
 
Top 10 key areas to learn in cloud in 2020
Top 10 key areas to learn in cloud in 2020Top 10 key areas to learn in cloud in 2020
Top 10 key areas to learn in cloud in 2020
Joseph Holbrook, Chief Learning Officer (CLO)
 
"Creating a Competitive Edge Using Blockchain Technology"
"Creating a Competitive Edge Using Blockchain Technology""Creating a Competitive Edge Using Blockchain Technology"
"Creating a Competitive Edge Using Blockchain Technology"
Joseph Holbrook, Chief Learning Officer (CLO)
 
How to design, code, deploy and execute a smart contract
How to design, code, deploy and execute a smart contractHow to design, code, deploy and execute a smart contract
How to design, code, deploy and execute a smart contract
Joseph Holbrook, Chief Learning Officer (CLO)
 
AWS and DevOps Session 1
AWS and DevOps Session 1AWS and DevOps Session 1
AWS and DevOps Session 1
Joseph Holbrook, Chief Learning Officer (CLO)
 
CompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and TricksCompTIA Cybersecurity Analyst Certification Tips and Tricks
CompTIA Cybersecurity Analyst Certification Tips and Tricks
Joseph Holbrook, Chief Learning Officer (CLO)
 
Blockchain Breakout Session Tech Coast Conference Jacksonville
Blockchain Breakout Session Tech Coast Conference JacksonvilleBlockchain Breakout Session Tech Coast Conference Jacksonville
Blockchain Breakout Session Tech Coast Conference Jacksonville
Joseph Holbrook, Chief Learning Officer (CLO)
 
Blockchain Fundamentals Quickstart
Blockchain Fundamentals Quickstart Blockchain Fundamentals Quickstart
Blockchain Fundamentals Quickstart
Joseph Holbrook, Chief Learning Officer (CLO)
 
Blockchain Proof or Concepts for Pre Sales Engineers
Blockchain Proof or Concepts for Pre Sales EngineersBlockchain Proof or Concepts for Pre Sales Engineers
Blockchain Proof or Concepts for Pre Sales Engineers
Joseph Holbrook, Chief Learning Officer (CLO)
 
DevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWSDevOps on GCP Course Compared to AWS
DevOps on GCP Course Compared to AWS
Joseph Holbrook, Chief Learning Officer (CLO)
 
Cloud Security Fundamentals Webinar
Cloud Security Fundamentals WebinarCloud Security Fundamentals Webinar
Cloud Security Fundamentals Webinar
Joseph Holbrook, Chief Learning Officer (CLO)
 
Blockchain Fundamentals for Technology Engineers
Blockchain Fundamentals for Technology EngineersBlockchain Fundamentals for Technology Engineers
Blockchain Fundamentals for Technology Engineers
Joseph Holbrook, Chief Learning Officer (CLO)
 
Cloud Security Top 10 Risk Mitigation Techniques for 2019
Cloud Security Top 10 Risk Mitigation Techniques for 2019Cloud Security Top 10 Risk Mitigation Techniques for 2019
Cloud Security Top 10 Risk Mitigation Techniques for 2019
Joseph Holbrook, Chief Learning Officer (CLO)
 
Cloud Computing and the Culture of Innovation
Cloud Computing and the Culture of Innovation Cloud Computing and the Culture of Innovation
Cloud Computing and the Culture of Innovation
Joseph Holbrook, Chief Learning Officer (CLO)
 
Udemy Cash Flow Workshop Jacksonville IT Pro Workshop 2018
Udemy Cash Flow Workshop Jacksonville IT Pro Workshop 2018Udemy Cash Flow Workshop Jacksonville IT Pro Workshop 2018
Udemy Cash Flow Workshop Jacksonville IT Pro Workshop 2018
Joseph Holbrook, Chief Learning Officer (CLO)
 
CompTIA PenTest+ Exam (PT0-001) Exam Review
CompTIA PenTest+ Exam (PT0-001)  Exam ReviewCompTIA PenTest+ Exam (PT0-001)  Exam Review
CompTIA PenTest+ Exam (PT0-001) Exam Review
Joseph Holbrook, Chief Learning Officer (CLO)
 
GCP Cloud Storage Security
GCP Cloud Storage SecurityGCP Cloud Storage Security
GCP Cloud Storage Security
Joseph Holbrook, Chief Learning Officer (CLO)
 
Google Cloud Platform Intro to Data and Storage Services
Google Cloud Platform Intro to Data and Storage ServicesGoogle Cloud Platform Intro to Data and Storage Services
Google Cloud Platform Intro to Data and Storage Services
Joseph Holbrook, Chief Learning Officer (CLO)
 
CompTIA PenTest+ BETA EXAM CODE PT1-001
CompTIA PenTest+BETA EXAM CODE PT1-001CompTIA PenTest+BETA EXAM CODE PT1-001
CompTIA PenTest+ BETA EXAM CODE PT1-001
Joseph Holbrook, Chief Learning Officer (CLO)
 
INTRO TO BLOCKCHAINS AND CRYPTOCURRENCY
INTRO TO BLOCKCHAINS AND CRYPTOCURRENCYINTRO TO BLOCKCHAINS AND CRYPTOCURRENCY
INTRO TO BLOCKCHAINS AND CRYPTOCURRENCY
Joseph Holbrook, Chief Learning Officer (CLO)
 
Ad

Recently uploaded (20)

Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
tecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdftecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdf
fjgm517
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdfThe Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
Abi john
 
Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
Heap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and DeletionHeap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and Deletion
Jaydeep Kale
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc
 
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
 
Quantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur MorganQuantum Computing Quick Research Guide by Arthur Morgan
Quantum Computing Quick Research Guide by Arthur Morgan
Arthur Morgan
 
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes Partner Innovation Updates for May 2025
ThousandEyes
 
What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...What is Model Context Protocol(MCP) - The new technology for communication bw...
What is Model Context Protocol(MCP) - The new technology for communication bw...
Vishnu Singh Chundawat
 
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptxDevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
DevOpsDays Atlanta 2025 - Building 10x Development Organizations.pptx
Justin Reock
 
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
AI EngineHost Review: Revolutionary USA Datacenter-Based Hosting with NVIDIA ...
SOFTTECHHUB
 
tecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdftecnologias de las primeras civilizaciones.pdf
tecnologias de las primeras civilizaciones.pdf
fjgm517
 
Rusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond SparkRusty Waters: Elevating Lakehouses Beyond Spark
Rusty Waters: Elevating Lakehouses Beyond Spark
carlyakerly1
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
Role of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered ManufacturingRole of Data Annotation Services in AI-Powered Manufacturing
Role of Data Annotation Services in AI-Powered Manufacturing
Andrew Leo
 
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdfThe Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
The Evolution of Meme Coins A New Era for Digital Currency ppt.pdf
Abi john
 
Procurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptxProcurement Insights Cost To Value Guide.pptx
Procurement Insights Cost To Value Guide.pptx
Jon Hansen
 
Heap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and DeletionHeap, Types of Heap, Insertion and Deletion
Heap, Types of Heap, Insertion and Deletion
Jaydeep Kale
 
How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?How Can I use the AI Hype in my Business Context?
How Can I use the AI Hype in my Business Context?
Daniel Lehner
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx2025-05-Q4-2024-Investor-Presentation.pptx
2025-05-Q4-2024-Investor-Presentation.pptx
Samuele Fogagnolo
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc
 
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath MaestroDev Dives: Automate and orchestrate your processes with UiPath Maestro
Dev Dives: Automate and orchestrate your processes with UiPath Maestro
UiPathCommunity
 
Ad

How to Build a Threat Detection Strategy in the AWS Cloud

  • 1. How to Build a Threat Detection Strategy in AWS
  • 2. How to Build a Threat Detection Strategy in AWS Instructor Introduction
  • 3. Instructor Introduction • Joseph Holbrook • Consulting Blockchain Solutions Architect/Trainer/Speaker out of Jacksonville, FL • Certified Blockchain Solutions Architect (CBSA) • Certified Blockchain Developer Hyperledger (CBDH) • Certified Corda Developer • Certified Google Cloud Platform Cloud Architect and Engineer • AWS Professional Services Partner - Premier • Certified AWS Solutions Architect, SysOps and Security • CompTIA SME – Cloud and Security • Brocade Distinguished Architect (BDA) 2013 • EMC Proven Professional – Expert – Cloud (EMCCE) • Published Course Author on Pearson Safari, Udemy, Linkedin Learning • Author “Architecting Enterprise Blockchain Solutions” – Wiley November 2019 • Prior US Navy Veteran
  • 4. How to Build a Threat Detection Strategy in AWS Course Introduction
  • 5. Course Introduction By the end of this Course you should be able to understand  Shared Security Model  Introduction to Threat Detection  Intrusion Detection Systems, Advanced Threat Detection Systems and other security tools that enable a proactive response to threats.  Building a Threat Reduction Strategy  Cloud Adoption Framework (CAF) Security Perspective Controls  AWS GuardDuty Monitoring (Demo)  AWS Security Specialty Certification  Course Summary
  • 6. How to Build a Threat Detection Strategy in AWS Did you Know?
  • 7. Did you know? Did You Know? • In a recent eye-opening study, Threat Stack found that 73% of companies have at least one critical security misconfiguration, such as remote SSH open to the entire internet. • That most security incidents actually occur because of credential theft (according to the 2018 Verizon Data Breach Investigations Report) not sophisticated zero-day attacks against cloud providers themselves.
  • 8. Did you know? Did You Know? • The AWS S3 bucket name is not a secret and therefore there are many ways for a hacker to figure it out. Once the attacker figures it out they can steal your data and expose it to viewers that are unintended. • VPC Flow log entries can be scanned to detect both specific and anomalous attack patterns.
  • 9. How to Build a Threat Detection Strategy in AWS Shared Security Model
  • 10. Introduction and benefits of AWS security Shared Security Model • Review the shared responsibility model and know what the provider does for security and what the user is responsible for.
  • 11. How to Build a Threat Detection Strategy in AWS Introduction to Threat Detection
  • 12. How to Build a Threat Detection Strategy in AWS Threat Detection • Threat detection is the process by which you find threats on your network, your systems or your applications • Malware, Virus, Phishing, Trojans, Ransomware, permissioning issues, backdoors are common • APT- The enemy could be hidden for months or more. • Focus on techniques, tactics, and procedures (TTPs)
  • 13. How to Build a Threat Detection Strategy in AWS Understand what the attackers are after. • Credentials • Financial Information • Health Info/PII • Corporate Secrets • Ransom • Revenge or even corporate image harm
  • 14. How to Build a Threat Detection Strategy in AWS Threat Detection Tools • SIEMs • IDS • NGEN Firewalls • Endpoints • Cloud Brokers • Honeypots • Analytics
  • 15. How to Build a Threat Detection Strategy in AWS Intrusion Detection Systems, Advanced Threat Detection Systems and other security tools that enable a proactive response to threats
  • 16. Introduction and benefits of AWS security • SIEM – Security Hub • Security Service (Uses AI) – Macie • Security Service –(For EC2) Inspector • Compliance Tool – Audit Artifacts • DDoS Protection - Shield • CloudWatch – Monitoring Tool • Others such as HSM, FW Manager, Cognito, etc
  • 17. Introduction and benefits of AWS security Diagram - Fortinet
  • 18. Introduction and benefits of AWS security Diagram - AWS
  • 22. Building a Threat Reduction Strategy
  • 23. Identify threats • Insider • Outsider • Kill Chain – 6 Steps • Kill Chain – 5 Components (Diagram: ISC Congress)
  • 24. Cloud Adoption Framework (CAF) Security Perspective Controls
  • 25. Introduction and benefits of AWS security • The AWS CAF provides a framework to help you structure and plan your cloud adoption journey and then build a comprehensive approach to cloud computing throughout the IT lifecycle. • The CAF provides seven specific areas of focus or Perspectives: business, platform, maturity, people, process, operations, and security. • The Security Perspective captures AWS’s experience working with enterprise customers on their cloud adoption journey.
  • 27. AWS GuardDuty Monitoring
  • 28. GuardDuty analyzes literally billions of events to identify trends, patterns, and anomalies that are recognizable signs that something may be wrong. It receives input from multiple data streams. • Several threat intelligence feeds • Staying aware of malicious IP addresses and domains
  • 29. GuardDuty searches customer-specified: • Virtual Private Cloud (VPC) Flow Logs • AWS CloudTrail • DNS logs. You can also set a whitelist and a blacklist.
  • 34. AWS GuardDuty • Overview
  • 35. Top 7 AWS Security Services • AWS Security Center • AWS GuardDuty • AWS CloudHSM • Amazon Inspector • AWS Key Management Service • AWS Trusted Advisor • AWS CloudTrail (Diagram: AWS Services - Security)
  • 36. AWS Security Specialty Exam
  • 37. AWS Security Specialization is really focused on best practices, AWS security services and security controls for workloads on AWS. Exam info is here: https://aws.amazon.com/certification/certified-security-specialty/
  • 38. Course Summary
  • 39. Threat Detection in AWS: Putting it all together • AWS services can be used in a complementary manner to add capability. • AWS and Security are complementary. The better your security planning is, the more favorable results you should get out of AWS services. • AWS has a robust solution set of security related services.
  • 40. Resources • AWS Security Products - https://aws.amazon.com/products/security/ • Security Hub - https://aws.amazon.com/security-hub/ • Landing Zone - https://aws.amazon.com/solutions/aws-landing-zone/ • Fortinet - https://www.fortinet.com/products/public-cloud-security/aws.html
  • 41. QuickStart Resources - AWS
  • 42. Thank you and Questions
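
Slide 8 notes that VPC Flow Log entries can be scanned for both specific and anomalous patterns. The sketch below is an added example, not part of the original deck: it parses records in the default flow log format and reports one specific pattern (accepted SSH from outside RFC 1918 space) and one anomaly (a source rejected on many distinct ports). The sample records, the `port_threshold` value and all function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Default VPC Flow Logs record (version 2): space-separated fields in this order.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records: documentation IP ranges and placeholder IDs.
SAMPLE = """\
2 123456789012 eni-0example 198.51.100.7 10.0.1.5 50111 22 6 12 1840 1600000000 1600000060 ACCEPT OK
2 123456789012 eni-0example 10.0.2.9 10.0.1.5 41000 22 6 8 900 1600000000 1600000060 ACCEPT OK
2 123456789012 eni-0example 203.0.113.9 10.0.1.5 40000 21 6 1 40 1600000000 1600000060 REJECT OK
2 123456789012 eni-0example 203.0.113.9 10.0.1.5 40001 23 6 1 40 1600000000 1600000060 REJECT OK
2 123456789012 eni-0example 203.0.113.9 10.0.1.5 40002 445 6 1 40 1600000000 1600000060 REJECT OK
2 123456789012 eni-0example 203.0.113.9 10.0.1.5 40003 3389 6 1 40 1600000000 1600000060 REJECT OK
2 123456789012 eni-0example 198.51.100.20 10.0.1.5 40100 443 6 1 40 1600000000 1600000060 REJECT OK
2 123456789012 eni-0example - - - - - - - 1600000000 1600000060 - NODATA
"""

def is_external(addr):
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in RFC1918)

def parse(line):
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[-1] != "OK":
        return None  # malformed, or NODATA/SKIPDATA records whose fields are "-"
    rec = dict(zip(FIELDS, parts))
    for key in ("srcport", "dstport", "protocol"):
        rec[key] = int(rec[key])
    return rec

def scan(lines, port_threshold=4):
    """Return (SSH accepts from external sources, sources rejected on many ports)."""
    ssh_accepts, rejected = set(), defaultdict(set)
    for line in lines:
        rec = parse(line)
        if rec is None or not is_external(rec["srcaddr"]):
            continue
        if rec["action"] == "ACCEPT" and rec["protocol"] == 6 and rec["dstport"] == 22:
            ssh_accepts.add((rec["srcaddr"], rec["dstaddr"]))  # specific pattern
        elif rec["action"] == "REJECT":
            rejected[rec["srcaddr"]].add(rec["dstport"])       # anomaly: port spread
    scanners = {s: sorted(p) for s, p in rejected.items() if len(p) >= port_threshold}
    return ssh_accepts, scanners

if __name__ == "__main__":
    print(scan(SAMPLE.splitlines()))
```

An accepted SSH flow from an external address points at a security group rule worth reviewing, and the threshold should be tuned against a baseline of normal rejected traffic.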

Editor's Notes

  • #3: Also share why they should care knowing this information