Skip to content

Threat detection & remediation in the Cloud - Presentation & Demo

License

Notifications You must be signed in to change notification settings

rferroni/aws-threat-detection-summit

Repository files navigation


Threat detection & remediation in the Cloud - Presentation

This session provides an overview of the latest developments in AWS threat detection and remediation. We also provide an overview of the AWS services used to detect and remediate threats. You can downloawd the presentation here.

aws-threat-detection-pic Speaker: Rodrigo Ferroni, STAM - Security Specialist, AWS - Linkedin


Threat detection & remediation in the Cloud - Demo

aws-threat-detection-demo For the demo we will:

  • Create a new ECR repository with scanOnPush feature enable.
  • Create a Docker image that contain (on purpuse) an old vulnerable package.
  • Review how Amazon ECR integration with Amazon Inspector generate Findings.
  • Create AWS Security Hub Custom Actions.
  • Create EventBridge Rules for those Custom Actions with different Targets:
    • CloudWatch Log group
    • SNS Topic with Input Transformation
    • Lambda Function to modify image tags

About

Threat detection & remediation in the Cloud - Presentation & Demo

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published