BSidesSF 2023

Event locked in Sched to limit confusion. See registration to determine current session availability.
YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2023 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched)
-----
Today's DevOps world has new responsibilities added to the everyday engineer's existence. A developer often has to assist in incident response and threat hunts. Unfortunately, these skills are hard to learn and can come at a cost if they are done on the job during an event. TableTop/Online Workshop
-----
Today's DevOps world has several new responsibilities added to the everyday engineer's existence. For example, a developer must often assist in incident response and threat hunts. Unfortunately, these skills are hard to learn and can come at a cost if they are done on the job while an event is ongoing.

In this two-hour tabletop/workshop, we will examine a scenario where we are running multiple AWS services and being attacked by an outside threat. Exploring the use of a SIEM (Security Information and Event Management), we will demonstrate how it exposes critical related data to signal errant activity. After the workshop, the participant will come away with a topical understanding of the risks in any cloud deployment, incident response experience, and hands-on experience in using a SIEM and how to integrate it into your observability portfolio. We will leave the online lab portion of this workshop open after the workshop ends to give everyone more time to work independently.

Requirements:
Laptops