Module 8 - Security Engineering on AWS: Responding to Threats

Unit notes:
AWS Security Incident Response Guide https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/aws-security-incident-response-guide.html
Incident response https://docs.aws.amazon.com/awssupport/latest/user/incident-response.html
Use indicators of compromise (IOCs) https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/use-indicators-of-compromise.html
Security Incident Response Simulations https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/types-of-simulations.html
Penetration Testing https://aws.amazon.com/security/penetration-testing
AWS Security Hub User Guide https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html
AWS Security Hub API Reference https://docs.aws.amazon.com/securityhub/1.0/APIReference/index.html
AWS Security Hub Partner Integration Guide https://docs.aws.amazon.com/securityhub/latest/partnerguide/index.html
Available AWS service integrations https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-internal-providers.html
Insights in AWS Security Hub https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html
Amazon SNS message data protection is now generally available with real-time data redaction and masking https://aws.amazon.com/about-aws/whats-new/2022/11/amazon-sns-message-data-protection-available-real-time-data-redaction-masking
Automated Security Response on AWS https://aws.amazon.com/solutions/implementations/automated-security-response-on-aws
Amazon Inspector https://aws.amazon.com/inspector/
What is Amazon Inspector? https://docs.aws.amazon.com/inspector/latest/user/what-is-inspector.html
GuardDuty Finding types https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-active.html
Amazon GuardDuty User Guide https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html
AWS Service Integrations with Amazon GuardDuty https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_integrations.html
User Guide Topic: Working with trusted IP lists and threat lists https://docs.aws.amazon.com/guardduty/latest/ug/guarduty_upload-lists.html
GuardDuty HTTPS API Reference https://docs.aws.amazon.com/guardduty/latest/APIReference/Welcome.html
Amazon GuardDuty FAQs https://aws.amazon.com/guardduty/faqs/
Malware Protection in Amazon GuardDuty https://docs.aws.amazon.com/guardduty/latest/ug/malware-protection.html
What is Amazon GuardDuty? https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html
Working with trusted IP lists and threat lists in GuardDuty https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_upload-lists.html
Sharing threat intelligence just got a lot easier! https://oasis-open.github.io/cti-documentation
GuardDuty suppression rules https://docs.aws.amazon.com/guardduty/latest/ug/findings_suppression-rule.html
How to perform automated incident response in a multi-account environment https://aws.amazon.com/blogs/security/how-to-perform-automated-incident-response-multi-account-environment/
Amazon Detective User Guide https://docs.aws.amazon.com/detective/latest/userguide/index.html
Amazon Detective Administrators Guide https://docs.aws.amazon.com/detective/latest/adminguide/index.html
Overview of the behavior graph data structure https://docs.aws.amazon.com/detective/latest/userguide/graph-data-structure-overview.html
Source data used in a behavior graph https://docs.aws.amazon.com/detective/latest/adminguide/detective-source-data-about.html
Amazon Detective API Reference https://docs.aws.amazon.com/detective/latest/APIReference/index.html
Automate Amazon EC2 Instance Isolation by Using Tags https://aws.amazon.com/blogs/security/automate-amazon-ec2-instance-isolation-by-using-tags
Automated Forensics Orchestrator for Amazon EC2 https://aws.amazon.com/solutions/implementations/automated-forensics-orchestrator-for-amazon-ec2/
Automated Forensics Orchestrator for Amazon EC2 Implementation Guide https://docs.aws.amazon.com/solutions/latest/automated-forensics-orchestrator-for-amazon-ec2/welcome.html
Amazon EventBridge https://aws.amazon.com/eventbridge/
Amazon EventBridge User Guide https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html

Trainings:
Getting Started with AWS Security, Identity, and Compliance https://explore.skillbuilder.aws/learn/course/internal/view/elearning/101/getting-started-with-aws-security-identity-and-compliance
AWS Security Fundamentals (Second Edition) https://explore.skillbuilder.aws/learn/course/internal/view/elearning/48/aws-security-fundamentals-second-edition
Cloud Audit Academy - Cloud Agnostic https://explore.skillbuilder.aws/learn/course/internal/view/elearning/459/cloud-audit-academy-cloud-agnostic
Introduction to Amazon Inspector https://explore.skillbuilder.aws/learn/course/internal/view/elearning/185/introduction-to-amazon-inspector
Getting Started with Amazon GuardDuty https://explore.skillbuilder.aws/learn/course/internal/view/elearning/13518/getting-started-with-amazon-guardduty
Getting Started with Amazon Detective https://explore.skillbuilder.aws/learn/course/internal/view/elearning/14077/getting-started-with-amazon-detective
Building Event-Driven Applications With Amazon EventBridge https://explore.skillbuilder.aws/learn/course/internal/view/elearning/15008/building-event-driven-applications-with-amazon-eventbridge
AWS Observability https://explore.skillbuilder.aws/learn/course/internal/view/elearning/14688/aws-observability

Videos:
Getting Hands on with Amazon GuardDuty - AWS Virtual Workshop https://www.youtube.com/watch?v=eq3_H-aiHhk
Detecting and Remediating Threats to Your AWS Accounts and Workloads with Amazon GuardDuty https://www.youtube.com/watch?v=Bd4pTqAuvBQ
AWS re:Inforce 2019: Threat Detection on AWS: An Introduction to Amazon GuardDuty https://www.youtube.com/watch?v=czsuZXQvD8E
Integration, Prioritization, and Response with AWS Security Hub - AWS Virtual Workshop https://www.youtube.com/watch?v=LDOOnCxossQ
An Overview of AWS Security Hub https://www.youtube.com/watch?v=oBac-GAoZJ8
The top 7 ways to operationalize AWS Security Hub https://www.youtube.com/watch?v=ZEgCsKHPpFI
Amazon Detective Security Scenario Investigation Walk Through https://www.youtube.com/watch?v=Rz8MvzPfTZA
Using Amazon Detective to improve security investigations https://www.youtube.com/watch?v=vd_VHg6-xWc
Introducing Amazon Detective https://www.youtube.com/watch?v=BqL7d86dXyY
Automating Incident Response and Forensics https://www.youtube.com/watch?v=f_EcwmmXkXk
Top incident response tips from AWS https://www.youtube.com/watch?v=Cu20aOvnHwA
Amazon Inspector Overview Demo https://www.youtube.com/watch?v=Nx8s7lwapoE
Building an event-driven application with Amazon EventBridge https://www.youtube.com/watch?v=mOysNzNFDRw
How To Get Started With Amazon EventBridge https://www.youtube.com/watch?v=ea9SCYDJIm4
