AWS Digital Forensics Automation at Goldman Sachs [AWS Online Tech Talks]

During a security issue, answers are needed quickly. This often starts with evidence collection and log correlation. Companies generally have runbooks and standard operating procedures to respond to security issues, but this process tends to be manual, time-consuming, and prone to human error. Goldman Sachs has automated an event-driven cloud response solution that uses AWS native services to successfully collect disk and memory evidence from Amazon EC2 instances. The solution uses the AWS security services Amazon GuardDuty and AWS Security Hub. It also leverages a variety of other services such as AWS Lambda, AWS Step Functions, and AWS Systems Manager (SSM).

In this Tech Talk, we will provide an overview of Goldman Sachs' environment and a deep dive on how we built automation for digital forensics using AWS native services.
