A lot of people are intimidated by cloud security...that fear of the unknown. I used to be (and not long ago..) but it's actually not that complicated. Here are a few things to do to get started with #aws security from a blue team perspective 👇
Understand the basics. Learn the foundational services (EC2, VPC, RDS, EKS, Lambda)…AWS has tons of free training and documentation.
Learn IAM. Protip: it’s not Active Directory so there’s a learning curve but once you start to understand this, then it all will start to click (security-wise).
Understand the Shared Responsibility model - You’re now responsible for protecting the control plane (API) AND all of the actual computers (VMs/containers/etc.) - This is how you understand to architect sound security solutions (to include detection and response)
Learn GuardDuty and its detection use-cases (findings). Some of these are really noisy and some are really good.
CloudTrail is your bread and butter as a blue team. Learn these logs and their schema because when an incident happens, you’ll probably be swimming in these.
You can follow @amrandazz.
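As an added example (not part of the thread), a small Python triage pass over constructed CloudTrail records: it shows the schema fields a blue team leans on (userIdentity, eventSource, eventName, additionalEventData) and flags root activity, console logins without MFA, and a hypothetical watch list of sensitive IAM calls. The sample events and the watch list are assumptions, not real account data.

```python
import json

# Constructed sample CloudTrail records (not real account data); the
# field layout follows the CloudTrail event schema.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventVersion": "1.08", "eventTime": "2024-01-01T10:00:00Z",
     "eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "Root", "accountId": "111122223333",
                      "arn": "arn:aws:iam::111122223333:root"},
     "responseElements": {"ConsoleLogin": "Success"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventVersion": "1.08", "eventTime": "2024-01-01T10:05:00Z",
     "eventSource": "iam.amazonaws.com", "eventName": "CreateAccessKey",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "accountId": "111122223333"}},
    {"eventVersion": "1.08", "eventTime": "2024-01-01T10:06:00Z",
     "eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances",
     "awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "alice",
                      "accountId": "111122223333"}},
]})

# Hypothetical watch list of IAM API calls worth a second look.
SENSITIVE_IAM = {"CreateAccessKey", "CreateUser", "AttachUserPolicy", "PutUserPolicy"}


def triage(trail_json):
    """Return (eventTime, rule, actor) tuples for events that merit review."""
    findings = []
    for rec in json.loads(trail_json)["Records"]:
        ident = rec.get("userIdentity", {})
        # IAM users carry userName; the root identity only carries an ARN.
        actor = ident.get("userName") or ident.get("arn", "unknown")
        when = rec["eventTime"]
        if ident.get("type") == "Root":
            findings.append((when, "root-activity", actor))
        if (rec["eventName"] == "ConsoleLogin"
                and rec.get("additionalEventData", {}).get("MFAUsed") == "No"):
            findings.append((when, "console-login-no-mfa", actor))
        if rec["eventSource"] == "iam.amazonaws.com" and rec["eventName"] in SENSITIVE_IAM:
            findings.append((when, "sensitive-iam-call", actor))
    return findings


if __name__ == "__main__":
    for event_time, rule, actor in triage(SAMPLE_TRAIL):
        print(event_time, rule, actor)
```

The read-only DescribeInstances call produces no finding, which is the point: the value of CloudTrail for a blue team is in knowing which eventName/eventSource combinations matter.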