How to leverage endpoint detection and response (EDR) in AWS investigations
Justin Henderson, SANS Analyst | Saager Khasnis, Partner Solutions Architect at AWS
About this talk
Adding EDR capabilities into your AWS (Amazon Web Services) environment can inform investigations and provide actionable details for remediation. Attend this webinar to discover how to unpack and leverage the telemetry provided by endpoint security solutions using MITRE Cloud examples, such as Exploit Public-Facing Application (T1190) and Data Transfer to Cloud Account (T1537) by examining process trees. You will also find out how these solutions can help identify who has vulnerable software or configurations on their systems by leveraging indicators of compromise (IOC) to pinpoint the depth and breadth of malware (MD5).
View this on-demand webinar to learn how to:
- Utilize endpoint security visibility to enrich your investigations in AWS
- Use EDR to add thousands of host-based observables for threat hunting
- Auto-scale threat detection across all your cloud endpoints
- Integrate a cloud access security broker (CASB) to extend protection to cloud apps
Who Should Attend?
Security practitioners (Security Analysts, Security Architects, Senior Security Engineers, etc.), Cloud Security Architects, and the office of the CISO.
AWS Marketplace is an online store that helps customers discover, purchase, migrate and immediately start using the software and services they need to build products and run their businesses. English Speaking Webinars.…