This month, we will be joined by Alex Groyz who will be sharing with us about automating containment of AWS services during incident response:
Any organization with sensitive data can be the target of a cyberattack, regardless of size or industry sector. As more and more enterprises move to the cloud, the threat landscape is evolving at an accelerated rate in which adversaries deploy advanced tactics to reach their end goal. Incident response is critical in securing your data and preventing an attack from wreaking havoc on your organization.
After detecting an event in the detection phase of an incident response and analyzing it in the analysis phase — I will present a solution that you can use to automate the containment of the four supported AWS services: IAM User, IAM Roles, Lambda Functions, and EC2 instances.Alex Groyz is a cloud security architect at Vectra AI specializing in AWS. He has broad knowledge across the technology spectrum. Alex helps customers create a hybrid cloud migration strategy and build their presence on the cloud. He has over a decade of experience in various engineering roles and enjoys working with diverse stakeholders with a focus on the cloud
As usual, we will be meeting online at https://cafe.cyberia.club/dc612.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.