AUTOMATED DEFENSE USING SERVERLESS FOR AWS, AZURE AND GCP

Abstract

Monitoring for attacks and defending against them in real-time is crucial. Defending our cloud infrastructure during attacks can prove to nightmare even with the currently available solutions in the market. We live in cloud first era where the cloud is our first choice of deployment due to the convenience and scalability. In this training we will learn how to defend our cloud infrastructure using Serverless technologies and Elastic Stack. Elasticstack will collect, analyse logs and triggers alerts based on configured rule-set. Serverless stack drives the defence to perform automated blocking. It will be configured based on the use case and type of attacks. The currently solution works on AWS, Azure and GCP. It can be extended for other providers and custom solutions like in house firewalls, IPS, etc.

The world is advancing towards accelerated deployments using DevOps and Cloud technologies. Automated defence will solve the modern world security challenges using near real-time alerting system, serverless technologies and centralised monitoring system.

Date
Location
London, England

Scenarios

  • SSH Bruteforce detection & defense
  • Content Management System Audit analysis
  • VPC flow logs to defend cloud services (AWS)
  • IAM CloudTrail logs to detect and defend against backdoors (AWS)
  • Container logs to audit Kubernetes security
  • Cloud Custodian for automated compliance

Participants will get

  • Customised VM with all the required tools installed
  • Step by Step Gitbook covering the entire training (html, pdf, epub, mobi)
  • Custom Ansible Playbooks, Terraform scripts, etc.
  • Automated Defence Solution for AWS, Azure, GCP

Who Should Take This Course

  • Security Engineers & Analysts
  • SOC Teams
  • DevOps Teams
  • Who is interested in automating security monitoring

Student Requirements

  • Laptop with admin/root privileges for VM setup and wireless connectivity.
  • Students MUST sign up for AWS, Azure, GCP accounts before training.

Requirements

  • Able to use Linux CLI
  • Basic understanding of TCP/IP
  • Security Experience would be plus
  • Understanding about different cloud providers will be advantage