Securing Cloud-Native Infrastructure: A Journey Through the Attacker Lifecycle
The video for this workshop was originally recorded for a live workshop that took place at Dash. If you want to see this topic as a fully-supported self-paced course, please fill out the feedback survey following the lab to submit your vote.
Cloud infrastructure today is complex. It is a web of relationships between hosts, containers, managed cloud services, and of course cloud resources like blob storage, users and roles, and the cloud control plane. To effectively secure cloud infrastructure, it’s critical to correlate information from a variety of sources, in particular information about the state of resources coupled with detection of suspicious and anomalous activity within those resources.
In this workshop, you will wear the hat of an engineer investigating an actual cloud-native attack against a real AWS environment. The attack will make use of techniques leveraged by attackers in the real world. After familiarizing yourself with the infrastructure, which you’ll have a chance to experiment with, you will identify, investigate, assess the full extent of, and actively remediate the attack, leveraging Datadog CSPM and CWS to capture the entire attacker lifecycle. You will also experience how valuable observability is when investigating security incidents!
At the bottom of each lesson, click the MARK LESSON COMPLETE AND CONTINUE button so that each lesson is marked complete and you can receive the certificate at the end of the workshop.
Introduction
Known bugs
Video Lesson
Lab: Securing Cloud-Native Infrastructure
Feedback
Further Reading
Slides