AWS Security Profile picture
Jan 31, 2023 6 tweets 4 min read Read on X
The following 5 workshops simulate multiple security events. Brought to you by the AWS Customer Incident Response Team (CIRT) 👇
1/During the Unauthorized IAM Credential Use - Simulation and Detection
workshop, you will simulate the unauthorized use of IAM credentials by using a script invoked within #AWSCloudShellgo.aws/3XU6zG7
2/At the Ransomware on S3 – Security Event Simulation and Detection workshop, you will use an AWS CloudFormation template to replicate an environment with multiple IAM users and five #AmazonS3 buckets ⏩ go.aws/3HdX8Ky
3/During the Cryptominer Based Security Events – Simulation and Detection workshop, you will simulate a cryptomining security event by using a CloudFormation template to initialize three #Amazon EC2 instances ⏩ go.aws/3HkRl5P
4/At the SSRF on IMDSv1 – Simulation and Detection workshop, you will simulate the unauthorized use of a web application that is hosted on an EC2 instance configured to use Instance Metadata Service Version 1 (IMDSv1) and vulnerable to #SSRFgo.aws/3Y1bPHS
5/Finally, during the AWS CIRT Toolkit For Automating Incident Response Preparedness workshop, you will install and experiment with some common tools and utilities that #AWSCIRT uses on a daily basis ⏩ go.aws/3HmMXUd

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with AWS Security

AWS Security Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @AWSSecurityInfo

Dec 6, 2022
📣🧵#reInvent RECAP: Key Security Launches

Did you miss our big event in Las Vegas? Don't worry. We got you covered. Here's what's newly launched for all things security🔐

See below (in no particular order)⬇️
New for #AWSControlTower – Comprehensive Controls Management makes it easier for regulated customers to make AWS available for use by their developers. Use it to apply managed preventative, detective, and proactive controls to accounts

go.aws/3P9ChLV Image
#AmazonSecurityLake automatically centralizes security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in your account. Automate your central management of security data

go.aws/3VTSR4O Image
Read 12 tweets
Jul 14, 2022
🛡️Get the current recommendations for implementing #AWSWAF to protect existing and new web applications 👇👇👇
1/Understand what type of threats your web applications may be facing. Web applications face different kinds of threats that #AWSWAF can help you mitigate, such as:

⮞DDoS Attacks
⮞Web application attacks
⮞Bots

go.aws/3IBdtco
2/Gather and define the requirements which will make this implementation successful for your business. Some common #AWSWAF requirements include:

⮞Protections
⮞Governance
⮞Logging

go.aws/3cjeE4s
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(