Threat hunting offers proactive ways to detect anomalous behavior in your environment. Do you know how to build an effective threat hunting program in your AWS environment? In this webinar, you will learn how threat hunting differs from alerts and SOC monitoring, and what threats to look for. You will also discover real-life examples that demonstrate how threat hunters can apply cloud infrastructure best practices to reduce the noise in often chaotic environments, making it easier to detect potential events. Leveraging detailed use cases, this webinar can help you develop an effective threat hunting program.
Register for this webcast to be among the first to receive the associated whitepaper written by security expert Shaun McCullough.
Attendees will learn to:
- Use the Threat Hunting Loop to identify what to look for, which tools you need to analyze available data, and ways to tease out patterns that indicate potential events
- Strike the right balance of how much data to capture, identify gaps in information, and determine how best to collect that information
- Analyze logs efficiently and effectively using Amazon CloudWatch, AWS CloudTrail, and Amazon GuardDuty
- Automate the process of evaluating and enriching complex data sets by utilizing SIEM and SOAR solutions to detect possible threats
Who Should Attend?
Security practitioners (Security Analysts, Security Architects, Senior Security Engineers, etc.), Cloud Security Architects, and the office of the CISO.
Shaun McCullough, SANS Analyst
Shaun McCullough is a SANS instructor for the SEC545 Cloud Security Architecture and Operations class and gives back to his profession by mentoring and supporting the next generation of cyber professionals. With 25 years of experience as a software engineer, he has been focusing on information security for the past 15 years. Shaun is a consultant with H&A Security Solutions, focusing on secure cloud operations, building DevSecOps pipelines and automating security controls in the cloud. He also served as technical director of red and blue team operations, researched advanced host analytics, and ran threat intelligence on open source platforms in his work with the U.S. Department of Defense.
David Aiken, Solutions Architect Manager at AWS
David Aiken is a Solutions Architect Manager at AWS covering AWS Marketplace, Service Catalog, Migration Services, and Control Tower. He leads a team of specialist AWS SAs who help customers implement security and governance best practices using native AWS Services and Partner products. He is an AWS Certified Solutions Architect, and his skills include cloud computing, enterprise architecture, agile methodologies, web services, and software design and development. David has also worked as a product manager, technical specialist, and architect evangelist.
Ross Warren, Specialist Solution Architect at AWS
Based in Northern Virginia, Ross Warren is a specialist solution architect at AWS with a focus on security. Prior to his work at AWS, Ross’ areas of expertise included cyber threat hunting and security operations. Ross has worked at a handful of startups and has enjoyed the transition to AWS because he can build solutions for customers with the breadth and depth of services offered by AWS.
About AWS Marketplace:
AWS Marketplace is a digital software catalog that makes it easy to find, try, buy, deploy, and manage software that runs on AWS. AWS Marketplace has a broad and deep selection of security solutions offered by hundreds of independent software vendors, spanning infrastructure security, logging and monitoring, identity and access control, data protection, and more. These products can be integrated with AWS Services and other existing technologies, enabling you to deploy a comprehensive security architecture across your AWS and on-premises environments. Visit aws.amazon.com/marketplace to learn more.
About the SANS Institute:
The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world—from auditors and network administrators, to chief information security officers—sharing the lessons they learn and jointly finding solutions to the challenges they face.