Automated incident response and forensic analysis on AWS - part 1
- Published 1 Feb 2025
- In this episode I am demoing a fully automated security incident response, forensic analysis and web application auto-healing on AWS using a StepFunction and Lambda functions.
In this video, I am presenting the infrastructure and what each of the 4 CloudFormation templates provisions.
All the CloudFormation templates and code are available on the GitHub repo: github.com/mln...
Credits:
This demo is primarily based on the demo released by Ben Potter at AWS Summit London 2018: • Automating Incident Re...
The code of his demo is available here: github.com/aws...
I reused and modified a VPC CloudFormation template released by Levon Becker for Stelligent available here: github.com/ste...
I also reused shell scripts published by Ryan Holland and Oliver Cahagne on AWS Labs to simulate security breaches to test GuardDuty: github.com/aws...
lovely content
Matthieu, mind if I ask a question about this session using the CloudFormation? I tried this CloudFormation template and had some problems, so please check the trouble below.
"Output 'IncidentResponseVPCFlowLogsRoleArn' not found in stack 'arn:aws:cloudformation:ap-northeast-2:848863384668:stack/incident-response-ProductionVPC-1FPGZCO866M45/d1a295a0-12a1-11eb-abc1-0a859ca39880'"
I think this issue means the IAM role "IncidentResponseVPCFlowLogsRole.Arn" is not being created, right?
By the way, if possible, could you please check this issue and let me know any feedback? Thanks.