Automated Defence for Cloud Security in AWS using Serverless

Abstract

Monitoring for attacks and defending them in real-time is crucial. Making the right choices during attacks can prove to be a nightmare even with the solutions already available in the market. In this talk we will see how an automated defence system powered by Serverless can be used to block attacks against our cloud infrastructure. By collecting logs from various sources we will monitor, analyse and act by applying defensive rules against attackers automatically. We will use AWS for managing and securing the infrastructure discussed in our talk.

Date
Location
Bangalore, India

Blog Post

Avatar
Madhu Akula
Never Ending Learner!

Madhu Akula is a security ninja, published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, etc). Hold industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26 & 27), BlackHat USA (2018 & 19), USENIX LISA 2018, O’Reilly Velocity EU 2019, Appsec EU 2018, All Day DevOps (2016, 17, 18 & 19), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18), Nullcon (2018, 19), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.

Next
Previous