This post is the reference section of my dev-chat at the first ever AWS re:Inforce conference in Boston. You can find my slides here.
The purpose was to give the audience a brief overview of how to conduct basic threat hunting across their CloudTrail logs and GuardDuty findings. We throw in a bit of vulnerability hunting and awareness with Antiope at the end.
Tools

The tools we need here are:

Centralized CloudTrail
Centralized GuardDuty
Antiope
Splunk
