My key takeaways
- AWS CloudTrail: think of it as a master switch for the stack
- MTTR³ = Mean time to respond, resolve and recover
  - metrics giving valuable insights also for cloud security
- Possible steps in an automation playbook
  - collect and aggregate event data
  - determine anomalous behaviour and events
  - determine appropriate response action
  - build triggers to kick off response actions
- Using the OODA loop for handling security incidents might be a good strategy
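
The four playbook steps above, sketched in Python as an added example (not code from the talk). The records are constructed samples that use real CloudTrail field names; the two detection rules, the threshold and the response action names are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records: real CloudTrail field names, made-up values.
def ev(name, arn, error=None):
    rec = {"eventName": name, "userIdentity": {"arn": arn}}
    if error:
        rec["errorCode"] = error
    return rec

ALICE = "arn:aws:iam::111122223333:user/alice"
BOB = "arn:aws:iam::111122223333:user/bob"
SAMPLE_EVENTS = (
    [ev("DescribeInstances", ALICE), ev("StopLogging", ALICE)]
    + [ev("GetObject", BOB, "AccessDenied") for _ in range(5)]
    + [ev("ListBuckets", BOB)]
)

TRAIL_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail"}
DENIED_THRESHOLD = 5  # assumed threshold; tune per environment

def aggregate(events):
    """Step 1: collect and aggregate event data per principal."""
    stats = defaultdict(lambda: {"names": set(), "denied": 0})
    for e in events:
        s = stats[e["userIdentity"]["arn"]]
        s["names"].add(e["eventName"])
        s["denied"] += e.get("errorCode") == "AccessDenied"
    return stats

def detect(stats):
    """Step 2: flag anomalous behaviour with two simple rules."""
    findings = []
    for arn, s in sorted(stats.items()):
        if s["names"] & TRAIL_TAMPERING:  # someone touched the logging itself
            findings.append((arn, "trail_tampering"))
        if s["denied"] >= DENIED_THRESHOLD:  # repeated denied calls
            findings.append((arn, "access_denied_burst"))
    return findings

# Step 3: finding type -> response action (hypothetical action names).
RESPONSES = {"trail_tampering": "restore_logging_and_page_oncall",
             "access_denied_burst": "open_ticket_for_review"}

def run_playbook(events, trigger):
    """Step 4: fire the trigger callback once per finding."""
    return [trigger(arn, RESPONSES[kind]) for arn, kind in detect(aggregate(events))]

if __name__ == "__main__":
    for line in run_playbook(SAMPLE_EVENTS, lambda arn, act: f"{act} -> {arn}"):
        print(line)
```

The `trigger` callback is where a real deployment would call its paging, ticketing or remediation system; here it only formats a line.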
Env
- Provided by:
- Presenter:
- Moderator: Jennifer