IR Prep and Detection Engineering When the Cloud is Your Data Center

Channel:
United States SANS Cyber Defense
Subscribers:
23,600
Published on ● Video Link: https://www.youtube.com/watch?v=odDpHxnB6Kw


Duration: 43:40
885 views
17

Public clouds have changed how organizations build their data centers, moving from on-prem to the browser and API calls over the commodity Internet. Attackers are determined to find your weaknesses and mistakes. This presentation will go over major attacks, highlight lessons learned, and provide you with a road map for evaluating your public cloud usage to improve your operational posture to minimize exposure and your threat profile. Topics: MITRE ATT&CK Cloud Matrix, Top Cloud Attack Kill Chains and disruption, Common attacker activity, and log configuration within Azure and AWS to detect these patterns.

ABOUT THE SPEAKER
Don Murdoch, GSE, MSISE, MBA is a seasoned IT leader with over 20 years of IT and InfoSec experience across several disciplines. Most recently, Don is the Director of a MSSP and Security Operations Practice for SLAIT Consulting, where he works with businesses of all sizes to implement SIEM, improve Security Operations, and provide security architecture consulting with an emphasis on risk reduction and mitigation.

View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
#BlueTeamSummit #BlueTeam #CyberDefense



Other Videos By SANS Cyber Defense


2023-01-24Packet Tuesday - IPv6 Neighbor Discovery
2023-01-17Packet Tuesday - IPv6 Router Advertisements
2023-01-11Network Monitoring Training with SEC503 Network Monitoring and Threat Detection In-Depth
2023-01-10Packet Tuesday - NTP
2023-01-03Packet Tuesday - IP Options
2022-12-20Packet Tuesday - TLS Server Hello
2022-12-13Packet Tuesday - FreeBSD Ping Vulnerability
2022-12-08Baby Steps to the Future: Evolving into the Next-Gen SOC
2022-12-07Don't Relay Me: Empirically Diagnose Privilege Escalation via Active Directory Account Sighting
2022-12-06Packet Tuesday - TLS Client Hello
2022-12-05IR Prep and Detection Engineering When the Cloud is Your Data Center
2022-12-02Prioritizing Defensive Capabilities
2022-12-01Once Upon a Login: How Logon Sessions Help Defenders See the Bigger Picture
2022-11-30Designing Security from the Ground Up
2022-11-29Packet Tuesday - TCP Urgent Flag
2022-11-28A Deep Dive into AWS IAM Privilege Escalation Attacks: Defenders’ Edition 2022
2022-11-23Responding to Advanced Adversaries
2022-11-22Packet Tuesday - EDNS Option Type 0
2022-11-21Enabling Defenders to Conduct Incident Response Investigations with Open-Source Tools
2022-11-18Dispatch from the SOC
2022-11-17From IT to Blue Team - Your Time is Now!


Tags:
cyber defense
cyber defenders
don murdoch
incident response
incident detection
detection engineering
MITRE ATT&CK cloud matrix
Azure
AWS
blue team handbook
don murdoch cybersecurity
don murdoch blue team handbook
what is cyber defense