AWS INCIDENT RESPONSE - Automate Containment - a podcast by Kaizenteq Team

from 2023-07-05T18:00


Cloud Security Podcast - The NIST incident response framework has 4 steps, including one for Containment. Because AWS incident response is API enabled, a lot of incident response activity can be automated, especially containment. In this episode, Damien Burks (Damien - Linkedin) spoke about his @fwdcloudsec talk, where he shared how he automated incident response in the AWS environments of Citi. There were a lot more gems dropped, so def check out the episode.




Episode YouTube Video - https://youtu.be/IrLuHMLQs_w




Host Twitter: Ashish Rajan (@hashishrajan)


Guest Socials: Damien Burks (Damien - Linkedin)


Podcast Twitter - @CloudSecPod @CloudSecureNews


If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:


- Cloud Security News


- Cloud Security BootCamp




Spotify TimeStamp for Interview Questions


A word from our sponsors - you can visit them on snyk.io/csp


(00:00) Introduction
(00:13) A word from our sponsors - Snyk.io/csp
(01:16) A bit about Damien Burks
(02:24) Incident Response in the cloud context
(03:50) Is incident response different in the cloud?
(05:22) Average time for an incident response
(07:33) AWS services for incident response automation
(08:55) AWS Eventbridge
(11:56) The phases of incident response
(13:42) Containment Phase: Starting point and challenges
(17:54) Organisation with Multiple Accounts
(20:09) How to structure the process
(21:04) Containment for EC2 instance
(23:54) Enjoying this cloud security topic so far?
(25:17) Containment for S3 Bucket
(27:57) Where to start with incident response
(30:18) Preparing for Incidents
(32:08) Fun Questions


See you at the next episode!
