Introduction to AWS Threat Detection

سرفصل های دوره

If you work in an AWS cloud environment, you can’t overlook the importance of security. Join instructor Day Johnson in this beginner-friendly course for an overview of how cloud security analysts, cloud security engineers, and cloud incident responders can use AWS to investigate and analyze potentially compromising security threats.

Explore foundational skills and tactics for auditing activities with MITRE Cloud Matrix and CloudTrail as well as how to investigate compute threats, IAM threats, and storage threats. By the end of this course, you’ll also have the skills required to start detecting threats with Amazon GuardDuty, the threat detection service built into AWS. This course also caters to entry-level security or cloud professionals looking to learn the basics of AWS cloud threat analysis.

01 - Introduction

01 - The rise of cloud threats

02 - What you should know

02 - 1. MITRE Cloud Matrix

01 - Understanding the MITRE Cloud Matrix

02 - MITRE Cloud Tactics

03 - 2. Log Analysis in AWS

01 - Why you need cloud audit logs

02 - Understanding cloud planes

03 - CloudTrail basics

04 - How CloudTrail works

05 - CloudTrail demo

06 - Creating your first trail

04 - 3. CloudTrail Log Analysis

01 - Introduction to CloudTrail log analysis with jq

02 - jq installation

03 - Unzipping CloudTrail files in bulk

04 - Analyzing AWS identities with jq

05 - Analyzing AWS events with jq

06 - Enumeration in AWS

07 - Analyzing AWS enumeration events with jq

08 - Extracting AWS event details with jq

09 - Introduction to CloudTrail log analysis with CloudTrail Lake

10 - Getting started with AWS CloudTrail Lake

11 - Challenge Analyze CloudTrail Logs with jq

12 - Solution Analyze CloudTrail Logs with jq

05 - 4. Investigating Compute Threats

01 - Analyzing enumeration attacks from EC2 instances

02 - Amazon EC2 AMI exfiltration

03 - Amazon EBS snapshot exfiltration

06 - 5. Investigating IAM Threats

01 - AWS access key leakage

02 - Malicious IAM user creation

03 - Malicious access key creation

04 - Malicious login profile creation

05 - Malicious login profile update

06 - Malicious privileged role assignment

07 - 6. Investigating Storage Threats

01 - S3 bucket enumeration

02 - S3 bucket versioning modification

03 - S3 bucket policy modification

04 - S3 object exfiltration

05 - S3 object deletion

08 - 7. Investigating Logging and Monitoring Threats

01 - CloudTrail logging stopped

02 - CloudTrail trail deletion

09 - 8. Amazon GuardDuty

01 - Detecting AWS threats with GuardDuty

10 - Conclusion

01 - Learning more about AWS security

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)