AWS Community Day Aurangabad 2023

Sankalp Sandeep Paranjpe
December 11, 2023

Transcript

  1. Aurangabad (Chh. Sambhajinagar) 2023. Venue Sponsor. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  2. AWS Security Incident Response. By: Sankalp Sandeep Paranjpe. Aurangabad (Chh. Sambhajinagar) 2023
  3. AGENDA: Introduction to Cybersecurity; Security controls, procedures and practices; Shared Responsibility Model; Amazon GuardDuty and Inspector; Incident Response
  4. WHOAMI: Sankalp Sandeep Paranjpe. AWS Cloud Captain. Final year B.Tech student at MIT ADTU Pune. Cloud Security, Application Security. 2X AWS Certified. EC Council CEH-Practical Certified.
  5. AWS Shared Responsibility Model
  6. What is a security incident?

    Event: Any observable occurrence in your IT infrastructure. Examples: file created on a system; the user logged in to the system; system shut down.

    Incident: An event that negatively affects IT systems and impacts the business. Examples: system out of memory/disk; power/hardware failure; host/network unreachable.

    Security incident: Potentially jeopardizes the CIA Triad of an information system. Examples: malware installed on a system; unauthorized access to system; software vulnerability exploited.
  7. Incident Response
  8. Incident response refers to an organization’s processes and technologies for detecting and responding to cyber threats, security breaches, and cyberattacks. The goal of incident response: to prevent cyberattacks.
  9. Aurangabad (Chh. Sambhajinagar) 2023
  10. Preparation: Define the vision, mission, and scope of incident response. Obtain management approval and funding. Assess the organizational structure and security policies, and develop an incident response plan. Develop procedures and build the IR team. Prioritize assets and infrastructure.
  11. Detection and Analysis: Incident recording; incident triage; incident analysis; incident classification; incident prioritization.
  12. Containment: Disabling the compromised service or system. Changing passwords or disabling accounts. Gathering of evidence. Forensic analysis of evidence.
  13. Eradication and recovery: Eradication of the root cause of the incident. Implement protection tools and techniques such as firewalls etc. System recovery after the eradication of incidents.
  14. Let's Connect: https://www.linkedin.com/in/sankalp-s-paranjpe/ https://twitter.com/SankalpParanjpe Thank you!