Incident Response in the AWS cloud

€1,650

Incident Response in the AWS cloud

Course
117 Lessons

Learn how to respond to incidents in AWS! In this course you will learn how to respond to incidents in AWS environments. You will get access to a live training environment in AWS, multiple live attack & defense labs. Last but not least, two CTF challenges where you can showcase your skills!

Buy now

Course Resources

Course References

113 KB

AWS CloudTrail CheatSheet

146 KB

Athena Cheat Sheet

213 KB

Welcome

Course Introduction

0 mins
124 MB

Lab 1.0 - Getting Started

Lab 1.0 - Instructions

3 mins
5.37 MB

Lab 1.0 - Walkthrough (with solutions)

14 mins
46.3 MB

Introduction

Course Roadmap & Structure

0 mins
129 MB

AWS Basics

AWS Hierarchy

0 mins
173 MB

IAM Users & Groups

0 mins
165 MB

IAM - Policies

0 mins
192 MB

IAM - Roles

0 mins
100 MB

Demo - Switching a role

3 mins
6.98 MB

Demo - Assuming a role

5 mins
16.7 MB

IAM - Roles for IR

0 mins
132 MB

IAM - Access Analyzer for IR

0 mins
42.8 MB

Commonly attacked services

0 mins
55.4 MB

Lab 1.1 - Exploring AWS

Lab 1.1 - Instructions

1 min
2.67 MB

Lab 1.1 - Walkthrough (with solutions)

10 mins
31.9 MB

AWS Security

AWS security services - Overview

0 mins
70.6 MB

Amazon GuardDuty

0 mins
167 MB

Amazon Inspector

0 mins
50.2 MB

Amazon Detective

0 mins
89.6 MB

AWS Security Hub

0 mins
54.4 MB

AWS Security Lake

0 mins
70.2 MB

Lab 1.2 - Investigating a security alert

Lab 1.2 - Instructions

3 mins
6.33 MB

Lab 1.2 - Walkthrough (with solutions)

17 mins
87.4 MB

AWS Threats

AWS Incidents & Common Threats

0 mins
118 MB

Common Threats - IAM & S3

0 mins
172 MB

Common Threats SES & Kubernetes

0 mins
139 MB

Threat Framework overview & MITRE

0 mins
114 MB

Hacking The Cloud

0 mins
68.9 MB

Stratus Red Team

0 mins
85.7 MB

Demo: Simulate attacks with Stratus Red Team

3 mins
12.7 MB

AWS Attack tools

Overview & Prowler

0 mins
92 MB

Demo - Prowler

4 mins
16.7 MB

CloudFox

0 mins
82.6 MB

Other tools

0 mins
63.2 MB

AWS Forensics - Log overview

AWS Forensics - Overview

0 mins
86.5 MB

Approach & Process

0 mins
344 MB

AWS Log overview

0 mins
163 MB

Preview

Log strategy

0 mins
165 MB

AWS Forensics - Log acquisition

Log acquisition

0 mins
307 MB

Lab 1.3 - Determining log availability

Lab 1.3 - Instructions

3 mins
7.3 MB

Lab 1.3 - Walkthrough (with solutions)

21 mins
91.6 MB

AWS Forensics - Log processing

Log destinations

0 mins
26.5 MB

CloudWatch

0 mins
25.8 MB

Athena

0 mins
173 MB

Security Lake

0 mins
136 MB

OpenSearch

0 mins
97.8 MB

Conclusion

0 mins
65.7 MB

AWS Forensics - Log analysis

Cloud native options in AWS

0 mins
65.6 MB

Option 1 - Athena

0 mins
307 MB

Option 2 - OpenSearch

0 mins
80.7 MB

Option 3 - CloudWatch

0 mins
135 MB

Lab 1.4 - Using Athena for log analysis

Lab 1.4 - Instructions

4 mins
11.3 MB

Lab 1.4 - Walkthrough (with solutions)

12 mins
35.5 MB

AWS Forensics - Log analysis (CloudTrail)

Overview & Event Types

0 mins
192 MB

Configuring Trails

0 mins
162 MB

(Advanced) Event Selectors

0 mins
110 MB

Management Events - contents

0 mins
93.6 MB

CloudTrail analysis - eventName

13 mins
243 MB

CloudTrail Cheatsheet

0 mins
48 MB

CloudTrail analysis - userIdentity

0 mins
303 MB

CloudTrail analysis - requestParameters & responseElements

0 mins
120 MB

CloudTrail analysis - Other fields

0 mins
128 MB

Data Events - Overview

0 mins
47.4 MB

Data Events vs. S3 access logs

0 mins
98.7 MB

CloudTrail Data events - Analysis

0 mins
137 MB

S3 access logs - Analysis

0 mins
87.7 MB

Insights Events

0 mins
29.4 MB

CloudTrail analysis - Tips

0 mins
114 MB

Cloudtrail analysis - wrap-up

0 mins
52.1 MB

Lab 1.5 - Investigating your first AWS incident

Lab 1.5 - Instructions

2 mins
5.16 MB

Lab 1.5 - Walkthrough (with solutions)

15 mins
48.8 MB

Preview

AWS Forensics - Log analysis (VPC flow logs)

VPC Introduction

0 mins
106 MB

VPC Flow logs

0 mins
79.3 MB

VPC Flow logs in Athena

0 mins
30.1 MB

VPC Flow logs - Analysis

0 mins
82.2 MB

AWS Forensics - Log analysis (Other logs)

Route 53 logs - Analysis

0 mins
104 MB

Load Balancer logs - Analysis

0 mins
89 MB

AWS Forensics - Host forensics

Host Forensics - EC2 & Containers

0 mins
286 MB

Host Forensics - SSM

0 mins
79.4 MB

Bonus Lab - Using Cado for cloud incident response

Bonus lab - Instructions

4 mins
9.95 MB

Bonus lab - Walkthrough (with solutions)

16 mins
49.3 MB

AWS Attacks

Attack Introduction & Phases

0 mins
92.9 MB

AWS Attacks - Part I

Initial Access

0 mins
246 MB

Discovery

0 mins
184 MB

Execution

0 mins
281 MB

Lab 1.6 - AWS Attacks Part I

Lab 1.6 - Instructions

3 mins
8.23 MB

Lab 1.6 - Walkthrough (with solutions)

10 mins
40.4 MB

AWS Attacks - Part II

Privilege Escalation

0 mins
58.7 MB

Persistence

0 mins
182 MB

Defense Evasion

0 mins
278 MB

Lab 1.7 - AWS Attacks Part II

Lab 1.7 Instructions

1 min
2.96 MB

Lab 1.7 - Walkthrough (with solutions)

12 mins
58.9 MB

AWS Attacks - Part III

Credential Access

0 mins
184 MB

Preview

Lateral Movement

0 mins
66.6 MB

Collection

0 mins
88.8 MB

Impact

0 mins
160 MB

Exfiltration

0 mins
264 MB

Lab 1.8 - AWS Attacks Part III

Lab 1.8 Instructions

2 mins
3.88 MB

Lab 1.8 - Walkthrough (with solutions)

11 mins
57.5 MB

Cloud Incident Response Process

On-premise vs. Cloud IR

0 mins
141 MB

Cloud Incident Response Process

0 mins
69.6 MB

Prepare

0 mins
203 MB

Detection & Analysis

0 mins
121 MB

Contaiment, Eradication & Recovery

0 mins
165 MB

Post-Incident Activity

0 mins
143 MB

Cloud Incident Case Study #1 - Ransomware

Case Study - Ransomware

0 mins
119 MB

Cloud Incident Case Study #2 - Long compromise

Case Study - Longer Compromise

0 mins
267 MB

Capture the Flag (CTF) - Competition

Mad Men (CTF) - Instructions

9 mins
30.1 MB

Mad Men (CTF) - CTF Password

Welcome to crypto (CTF) - Instructions

4 mins
11.4 MB

Welcome to crypto (CTF) - CTF password

Course wrap-up

Wrap-up & Next steps

0 mins
60.7 MB

Certificate of Completion - Request

Request certificate