Overview
Watch a 40-minute conference talk from x33fcon exploring the challenges and solutions for mapping cloud console actions to their corresponding log events. Learn how the open-source Cloud Console Cartographer framework addresses the complexity of cloud logging, particularly in AWS environments where a single console action can generate hundreds of CloudTrail events. Discover how this tool helps security analysts differentiate between user-initiated API calls and secondary console UI-supporting events, making cloud log analysis more efficient and accurate. Follow along as the speakers demonstrate real-world examples from incident response investigations involving cloud threat actors, and see how this framework can streamline threat hunting and detection engineering workflows. Master the art and science of cloud log analysis while gaining practical insights into making sense of complex cloud console telemetry.
Syllabus
8. Daniel Bohannon and Andi Ahmeti: Cloud Console Cartographer
Taught by
x33fcon