When shifting workloads to the cloud, event data (management events in particular) will take on new forms that security teams will need to identify, store, and process to discover potential threats. This talk begins by stepping through the overall lifecycle of management plane events in a cloud environment. This will help us more effectively identify threats targeting cloud resources. But what about response actions? Up to this point, many teams are relying on their security analysts and incident response teams to identify and react to threats identified amongst massive amounts of log data. Serverless technologies brought to us by cloud vendors, which are primarily designed to help operations teams, also allow defenders to identify and react to various threats in cloud environments. This session will show you how to leverage this efficient, scalable, and cost-effective serverless technology to respond quickly to adversarial activity.
Translated Recordings are listed below.
View Japanese Recording (ディフェンダーのためのサーバーレス):
View Thai Recording (พากย์เป็นภาษาไทย):
View Korean Recording (방어자들을 위한 서버리스):
View Vietnamese Recording (Phương pháp bảo mật phi máy chủ)
View Bahasa Indonesian (Pertahanan Keamanan Tanpa Server):