Effective threat detection strategies consider a wide range of scenarios where unauthorized information can be disclosed by overprivileged accounts, misconfigured security controls, or other vectors.
In this webinar, SANS and AWS Marketplace will overview building a detection and threat hunting workflow, focusing on preventing insider activity. The speakers will cover monitoring techniques and controls, event logging, and examples of scenarios illustrating common vulnerabilities and insider tactics in cloud environments.
Register today to be among the first to receive the accompanying whitepaper written by SANS senior instructor, Dave Shackleford.
Attendees will learn how to:
- Configure monitoring and event logging for privilege escalation, data exfiltration, permissions abuse, and other anomalous behavior
- Identify common vulnerabilities with a focus on DevOps and identity and access management (IAM) vectors
- Build a detection and threat hunting workflow to respond to insider activity
- Develop and implement guardrails to help reduce instances of unauthorized activity and access
Who Should Attend?
Security Analysts, Security Architects, Security Engineers, Cloud Security Architects, and the office of the CISO
Dave Shackleford, Analyst and Senior Instructor at SANS
Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.
Nam Le, Specialist Solutions Architect at AWS
Nam Le is a Specialist Solutions Architect at AWS covering AWS Marketplace, Service Catalog, Migration Services, and Control Tower. He helps customers implement security and governance best practices using native AWS Services and Partner products. He is an AWS Certified Solutions Architect, and his skills include security, compliance, cloud computing, enterprise architecture, and software development. Nam has also worked as a consulting services manager, cloud architect, and technical marketing manager.
Register for the webinar
About the SANS Institute:
The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world—from auditors and network administrators, to chief information security officers—sharing the lessons they learn and jointly finding solutions to the challenges they face.
About AWS Marketplace:
AWS Marketplace is a digital software catalog that makes it easy to find, try, buy, deploy, and manage software that runs on AWS. AWS Marketplace has a broad and deep selection of security solutions offered by hundreds of independent software vendors, spanning infrastructure security, logging and monitoring, identity and access control, data protection, and more. These products can be integrated with AWS Services and other existing technologies, enabling you to deploy a comprehensive security architecture across your AWS and on-premises environments. Visit aws.amazon.com/marketplace to learn more.