Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Amazon GuardDuty - Lightning talk

Gerardo Castro Arica
September 15, 2021
Technology
0
17

Amazon GuardDuty - Lightning talk

Gerardo Castro Arica

September 15, 2021
Tweet

More Decks by Gerardo Castro Arica

See All by Gerardo Castro Arica
AWSCloudPractitioner_Q&A
gerardokaztro
0
45
Como detectar y responder amenazas con AWS GuardDuty
gerardokaztro
0
23
Fundamentos de Seguridad en AWS
gerardokaztro
0
36
AWS WAF & Bot Control
gerardokaztro
0
20
Introducción a ASG
gerardokaztro
0
18
Introducción a Amazon ECS
gerardokaztro
0
26
Introducción a AWS CloudFormation
gerardokaztro
0
36
Introduction to Amazon Kendra
gerardokaztro
0
36

Other Decks in Technology

See All in Technology
Semantic Kernel LT
takashi1029
1
240
これから始める継続的インテグレーション - GitHub Actions編
devops_vtj
0
120
Deep Dive into Jetpack Compose State
jisungbin
0
170
社内でChatGPTを利用するためのガイドラインを整備した話
yoshikieguchi
0
700
リリースノートにないCDKのアップデートを見てみよう
watany
0
680
テスト設計チュートリアル/Test Design Tutorial
goyoki
5
3.9k
Amazon VPC Lattice を使い始める前におさえておきたいポイント n 選 / Introduction to VPC Lattice
hayaok3
1
720
Save the state
keithyokoma
0
140
AWS CDKにテストは必要?試行錯誤したスクラム開発事例を紹介!/CdkConJp2023
mhrtech
2
840
NeuralSeek_20230518
tkhresk
0
520
問題解決の促進-New Relicの導入から全社活用までの道のり- / Facilitate problem solving
yayoi_dd
0
300
Road to RubyKaigi Speaker (case sue445) #rubykaigi2023_after
sue445
PRO
0
350

Featured

See All Featured
A Tale of Four Properties
chriscoyier
149
21k
Creatively Recalculating Your Daily Design Routine
revolveconf
207
11k
Facilitating Awesome Meetings
lara
35
4.8k
GraphQLとの向き合い方2022年版
quramy
23
11k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
152
13k
Adopting Sorbet at Scale
ufuk
66
8k
No one is an island. Learnings from fostering a developers community.
thoeni
13
1.7k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
236
1.1M
Testing 201, or: Great Expectations
jmmastey
26
5.9k
A better future with KSS
kneath
230
16k
Infographics Made Easy
chrislema
236
17k
Web Components: a chance to create the future
zenorocha
304
41k

Transcript

  1. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
    Amazon GuardDuty:
    Why is a quick win that every
    organization should activate?
    Gerardo Castro Arica
    Security Architect
    B89
    L I G H T N I N G T A L K
    S P O N S O R E D B Y B 8 9

    View Slide

  2. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
    ❑ Passionate for sharing AWS
    knowledge
    ❑ Love see cybersecurity topics
    ❑ Co-Organizer AWS UG Peru
    ❑ Daddy of 3 daugther
    ❑ Content builder
    ❑ Dogs Lover
    About me
    - someone said:
    “Great power, carries great
    responsability”

    View Slide

  3. Amazon GuardDuty
    VPC Flow Logs
    DNS Logs
    CloudTrail Events
    Findings
    Threat
    intelligence
    Anomaly
    detection
    (ML)
    Amazon Detective
    • Alert
    • Remediation
    • Send to SIEM
    • Solutions
    technology
    partners
    CloudWatch Event
    Type of findings
    • Bitcoin mining
    • Command & Control
    • Anonymous connections
    • Recognition
    Unusual Behavior
    Example:
    • Launch instances
    • Changes in network permissions
    • Anomalies in the behavior of he
    network
    • Anomalous patterns of access to
    the data in Amazon S3
    Amazon GuardDuty
    Data source Detection type
    HIGH
    MEDIUM
    LOW
    AWS SecurityHub
    S3 DataPlane Events

    View Slide

  4. Thank you!
    © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
    Gerardo Castro Arica
    Security Architect
    Lumen
    Follow me!
    @gerardokaztro

    View Slide