Automate Threat Mitigation Using AWS WAF and Amazon GuardDuty


Automate Threat Mitigation Using AWS WAF and Amazon GuardDuty

Broadcast Date:
August 27, 2018

Level 300 | Solutions Best Practices
For customers using services like Amazon GuardDuty or AWS Shield, you get security alerts when a potential threat is detected. But maybe you would like an automated way to resolve them using AWS WAF, especially when the alert involves a known bad actor. In this tech talk, we will talk about best practices for a threat response and deep dive (with a demo) on a solution that is based on Amazon GuardDuty, AWS Shield, Amazon CloudWatch Events, AWS Lambda, and AWS WAF. It will be a serverless solution that uses threat findings and automatically blocks them on AWS WAF, not just in one Account, but across Accounts.

Learning Objectives:
• How to make threat findings more actionable
• Educate customers about organization-wide threat response
• Deep dive on a serverless example for automated threat response

Suited For: Any customer running web applications on AWS and looking for improved threat protection

Speaker(s): Alex Tomic, Solutions Architect, AWS; Cameron Worrell, Solutions Architect, AWS

Learn More
To learn more about the services featured in this talk, please visit:

Having trouble with this page? Please email us at [email protected]

Download the Slide Deck