This lab write-up credits SANS for the Workshop on Building Detections in AWS. It replicates the workshop guide by the Cloud Security SANS Team. Following the instructions may incur AWS charges of around $2, provided the resources are deleted promptly after completing the lab.
Research the attack technique - Lab 1
Set up proper logging - Lab 2
Attack realistic assets - Lab 3
Review log data - Lab 4
Build detection - Lab 5
Lab 1: Research the attack technique / Infrastructure Deployment
Lab 2: Setting up API Event Logging
Lab 3: Attacking the Cloud Account
Lab 4: Detecting the Attack
Lab 5: Building an Automated Detection
Lab 6: Deleting Created Resources
Complete READ-UP
Website walkthrough: https://building-detections-aws.sanscloudwars.com/
Video Walkthrough: https://www.youtube.com/watch?v=FZKZuNk49Dw
