Post on 01-Jul-2015
@marknca
Strategy
Tactics
Traditional Responsibility Model
You
AWS You
Shared Responsibility Model
AWS
Facilities Physical Network Virtualization Layer
You
Shared Responsibility Model
Monitoring Forensics
4 pillars of practice
SANS incident response process
SANS incident response process
Business point of view
Incident response before
Server
Analyze Repair Improve
Replacement
Incident response after
Instance
Analyze Repair Improve
Replacement
Advantages
In action…
Optimized response
Optimized response
Instance
Script
Analyze
Improve
API
Replacement
Business point of view
Creating an audit trail before
Servers
Change Record Storage Logs
Firewall / IPS
Creating an audit trail before
Instances
Change Record
Central Management
Logs
AWS Services
In action…
Please give us your feedback on this presentation
#reinvent