Threat detection and response in the cloud
In this session we talk about how to do detection and response in the AWS public cloud and what native AWS services can be used to do this. What options are available and what (if any) 3rd party solutions play a role here? If it was up to us, what are the top use cases a security operations center should monitor in a public cloud environment? Is a traditional SIEM solution still required or can we build a similar function using native AWS services?
Securing your Secrets in the Cloud
Have you spotted access keys in code? Putting it directly in your code might not be a good idea. Maybe you saw that Kubernetes offers secrets for this. Have you found your Kubernetes secrets to be readable by everyone? So where do you put your secrets in a secure way? In this session we will look at various solutions, such as Hashicorp Vault, Kubernetes, and solutions offered by AWS.