Friday, October 19, 2018

Cloud IR Resources - Sky-hi IR: IR at cloud scale

Talk slides here:

Recording here:

Big "Thanks!" to and Adrian Crenshaw (@irongeek_adc)

Data costs:


SIFT Workstation

Getting Data from S3 via Python

AWS Monitoring and Alerting third-party tools:

  • Cloud-Custodian
  • Cloud-Inquisitor
  • CloudTracker
  • Security Monkey
  • StreamAlert
  • Wazuh

Related Talks:

Logging, Monitoring, and Alerting in AWS (The TL;DR) - SANS DFIR Summit 2018 - Jonathan Poling (@JPoForenso)

Automating Incident Response and Forensics in AWS - Ben Potter - AWS Security Lead

How to copy a VMDK to image

SIFT Workstation How-Tos

Incident Handler's Handbook by Patrick Kral - February 21, 2012
