In the Lustrum Cyber Talk with our Chairman Jan De Blauwe, Marc Goodman looked back on the past five years' technology evolution through a unique wide-angle lens of cybercrime.
Incident Response in the Cloud – Webinar 29 June 2029
29 juin 2020 – Cyber Security Coalition
However difficult the foggy cloud may make it to find out what you need to know, there is always a ray of sunshine that shines a light on security… Because yes, you can automate incident response in the cloud, as Jeroen Vandeleur, Service Line Manager for cyber architecture and cloud security at NVISO, proves in his presentation. That is, provided you enable the available means in the cloud to log and centralize the necessary information, “this is part of the shared responsibility regarding security in the cloud!” Otherwise, you will have no idea about the means, the motive and the opportunity of the cyber criminal. “It would be like a murder case, without a body.”
Common mistakes relate to traffic filtering/logging, enabling default logging, the retention period of log data, access management, host configurations and identification of resource owner – “6 challenges when doing incident response in the cloud.” Both MS Azure and Amazon AWS provide basic and advanced security features, “so make use of what is available,” with Jeroen Vandeleur providing a concise comparison of both offerings.
The ultimate proof of the pudding is in showing how to actually automate incident response handling in a SOC. NVISO has an agile and flexible approach, based on the military ‘observe, orient, decide, act upon’ principle (OODA). Jeroen Vandeleur provided an example of how to script response rules, based on an internal incident case, finishing with an extensive demo (with reference where the script code can be found).
This webinar was the final session in the Cloud Security experience-sharing event, with grateful appreciation expressed to Jeroen Vandeleur as the driving force behind this event.
Nos autres articles
In this webinar Nataliia Bielova and Cristiana Teixeira Santos decipher EU legal requirements on consent and analyze the technical means available to verify compliance of cookie banners.
Cyber Talk: How to implement a Coordinated Vulnerability Disclosure Policy/Bug Bounty Programme for your organization? – 26 November 2020
This webinar helps you understand the key elements to implement a Coordinated Vulnerability Disclosure Policy supported by a bug bounty programme, whether you work for a corporation, nonprofit, open source project, or public entity.
Absence of evidence is not evidence of absence! This aphorism is more than ever valid in Cyber Security, people stating that they never had a breach probably simply do not know that they have been breached. This presentation given by Luk Schoonaert – Director of Technology @ Exclusive Networks, Value Add Distributor of Emerging Technologies […]
In this webinar Semetis demystified Internet cookies and provided clarity about their working. They also provided an insight into a future without (third party) cookies.