Jul 01, 2015
@marknca
Strategy
Tactics
Traditional Responsibility Model
You
AWS You
Shared Responsibility Model
AWS
Facilities
Physical
Network
Virtualization Layer
You
Shared Responsibility Model
Monitoring
Forensics
4 pillars of practice
SANS incident response process
SANS incident response process
Business point of view
Incident response before
Server
Analyze Repair Improve
Replacement
Incident response before
Instance
Analyze Repair Improve
Replacement
Advantages
In action…
Optimized response
Optimized response
Instance
Script
Analyze
Improve
API
Replacement
Business point of view
Creating an audit trail before
Servers
Change
RecordStorage Logs
Firewall / IPS
Creating an audit trail before
Instances
Change
Record
Central
ManagementLogs
AWS Services
In action…
Please give us your feedback on this session.
Complete session evaluations and earn re:Invent swag.
http://bit.ly/awsevals