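Content provided by Anton Chuvakin. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Anton Chuvakin or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://zh.player.fm/legal.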
EP103 Security Incident Response and Public Cloud - Exploring with Mandiant
Guest:
- Nader Zaveri, Senior Manager of IR and Remediation at Mandiant, now part of Google Cloud
Topics:
- Could we start with a story of a cloud incident response (IR) failure and where things went wrong?
- What should that team have done to get it right?
- Are there skills that matter more in cloud incidents than they do for on-prem incidents? Are there on-prem instincts that will lead incident responders astray in the cloud?
- What 3 things does an IR team leader need to do to prepare his team for IR in the cloud?
- Are there on-premise tools that can stay on prem and not join us in the cloud?
- What processes should we leave behind? Keep with us?
- What logs and context should we prepare for cloud IR? What access should we have behind “break glass”?
- While doing IR, what things should we look at in the cloud logs (which logs, also?) to expedite the investigation?
Resources:
- “How to Cloud IR or Why Attackers Become Cloud Native Faster?” (ep98)
- “How to prepare for detection & response in the cloud” Google Cloud Next 2022 presentation
- “Security Incident Response in the Cloud: A Few Ideas” blog
- GCP Cloud Logging
- “Security at Scale: Logging in AWS” paper
- “AWS Security Incident Response Whitepaper” paper