How to Build a Threat Detection Strategy in AWS
by from IEEE Spectrum on (#4VFNH)
One of the major concerns security teams have when their organization migrates business to a cloud environment is losing visibility into their systems and threat detection capabilities. Traditional network- and host-based monitoring can be adapted to support intrusion detection in the cloud. In this webcast, SANS Analyst David Szili focuses on the keys to detecting threats in the AWS environment and presents use cases to demonstrate best practices.
Attendants will learn how to:
- How organizations can ensure intrusion detection and prevention and enhance visibility for threat detection in AWS using tools such as Amazon VPC Traffic Mirroring
- What data sources are available for continuous monitoring
- Which AWS-native tools are most useful for event management and analysis
- How to automate monitoring processes