Watch a 40-minute conference talk from x33fcon exploring the challenges and solutions for mapping cloud console actions to their corresponding log events. Learn how the open-source Cloud Console Cartographer framework addresses the complexity of cloud logging, particularly in AWS environments where a single console action can generate hundreds of CloudTrail events. Discover how this tool helps security analysts differentiate between user-initiated API calls and secondary console UI-supporting events, making cloud log analysis more efficient and accurate. Follow along as the speakers demonstrate real-world examples from incident response investigations involving cloud threat actors, and see how this framework can streamline threat hunting and detection engineering workflows. Master the art and science of cloud log analysis while gaining practical insights into making sense of complex cloud console telemetry.
Cloud Console Cartographer - Mapping Cloud Events for Security Analysis
Overview
Syllabus
8. Daniel Bohannon and Andi Ahmeti: Cloud Console Cartographer
Taught by
x33fcon
Related Courses
-
Cloud Console Cartographer: Tapping Into Mapping - Slogging Through Logging
-
AWS Security Traffic Monitoring and Packet Analysis
-
Manage security operations in Azure
-
Cloud Threat Hunting
-
Relational Observability for Cloud-Native Security and Data Science
-
Cloud Security Strategies: Threat Hunting, Adoption, and Incident Response - Part 2
