10 Incident response and remediation

This chapter covers

  • Using a SIEM or posture management tool to aggregate, track, and analyze security events across multiple sources
  • Writing playbooks as part of an incident response plan to mitigate threats quickly
  • Automating responses to attacks and vulnerabilities to respond quicker, reduce mistakes, and save time

In the last chapter we looked at many different types of monitoring and how to detect when there’s a potential attack or vulnerability in your system. There are many additional ways of detecting these kinds of security issues as well. You might conduct penetration tests on your applications to find potential weaknesses. You might get reports from external security researchers. You might subscribe ...
