A Journey Through AWS Security Products, and Native Security-Logging Capabilities

Security Measures to Protect Your AWS Environment and Prepare Your Environment in Advance of a Cyber Security Incident


In this workshop, you will be exposed to AWS security products and native security logging facilities via an operational reference architecture and application that includes networking services, load balancer, database, cache, Docker containers, monitoring, alerting, etc.

Each attendee will be provided a lab kit with step by step instructions on how to configure and integrate AWS security products and native logging security facilities into the reference architecture and application. As a result, you will have the following opportunities.

  • Discuss best practices and FAQ

  • Study and observe the type of information produced

  • Interpret the data and utilize the information provided.

  • How the information produced integrates with third-party solutions and facilitate security governance, compliance and respond to security incidents.

The workshop ends with team challenges on early detection of security threats and a security incident response simulation.

Security Products AND Native Security-Logging Capabilities

  • AWS CloudTrail

  • AWS Config

  • Amazon S3 Elastic Load Balancing, Amazon CloudFront Access Logs, Amazon Relational Database Service (RDS) Logs, Amazon VPC Flow Logs

  • Centralized Log Management Options

  • Amazon GuardDuty: Managed threat detection service

  • Amazon Inspector: Analyze application security

  • Amazon Macie: Discover, classify, and protect your data

  • AWS Artifact: On-demand access to AWS’ compliance reports service to share AWS resources

  • AWS Secrets Manager: Rotate, manage, and retrieve secrets

  • AWS Security Hub: Unified security and compliance center

  • AWS Shield: DDoS protection

  • AWS WAF: Filter malicious web traffic


We recommend that attendees have the following prerequisites:

  • Good working knowledge of the AWS platform and general understanding of audit and access logs.

  • Familiarity with the Linux operating system and command line interface.

  • Requires a laptop to complete lab exercises – tablets are not appropriate.

Date & Time - April 23 2018 10:00 AM – 5:00 PM CDT

Location - Virtual and In-person Classroom

1515 Young Street Stone Room (7th Floor), Dallas, TX 75201

Class Size - 30


Share Workshop