The following 5 workshops simulate multiple security events. Brought to you by the AWS Customer Incident Response Team (CIRT) 👇
1/During the Unauthorized IAM Credential Use - Simulation and Detection
workshop, you will simulate the unauthorized use of IAM credentials by using a script invoked within #AWSCloudShell ⏩ go.aws/3XU6zG7
2/At the Ransomware on S3 – Security Event Simulation and Detection workshop, you will use an AWS CloudFormation template to replicate an environment with multiple IAM users and five #AmazonS3 buckets ⏩ go.aws/3HdX8Ky
3/During the Cryptominer Based Security Events – Simulation and Detection workshop, you will simulate a cryptomining security event by using a CloudFormation template to initialize three #Amazon EC2 instances ⏩ go.aws/3HkRl5P
4/At the SSRF on IMDSv1 – Simulation and Detection workshop, you will simulate the unauthorized use of a web application that is hosted on an EC2 instance configured to use Instance Metadata Service Version 1 (IMDSv1) and vulnerable to #SSRF ⏩ go.aws/3Y1bPHS
5/Finally, during the AWS CIRT Toolkit For Automating Incident Response Preparedness workshop, you will install and experiment with some common tools and utilities that #AWSCIRT uses on a daily basis ⏩ go.aws/3HmMXUd
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Did you miss our big event in Las Vegas? Don't worry. We got you covered. Here's what's newly launched for all things security🔐
See below (in no particular order)⬇️
New for #AWSControlTower – Comprehensive Controls Management makes it easier for regulated customers to make AWS available for use by their developers. Use it to apply managed preventative, detective, and proactive controls to accounts
#AmazonSecurityLake automatically centralizes security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in your account. Automate your central management of security data
🛡️Get the current recommendations for implementing #AWSWAF to protect existing and new web applications 👇👇👇
1/Understand what type of threats your web applications may be facing. Web applications face different kinds of threats that #AWSWAF can help you mitigate, such as: