Explore the journey towards a SOCless future in this 32-minute conference talk from BSidesSF 2019. Discover how Twilio's Security Operations team tackled the challenge of implementing effective, scalable, 24/7 monitoring and response without round-the-clock staffing. Gain insights into their methodology and serverless automation framework developed over three years. Learn about the motivations, challenges, and solutions, including the "Magic Box" concept, AWS Thunder Functions, Lambda Functions, Step Functions, and Atlas Core. Understand the technology behind the framework, including state machines, data storage, and human interaction components. Delve into use cases, secret management, and development environments as you uncover innovative approaches to security operations scalability.
Overview
Syllabus
Introduction
Who am I
Agenda
Questions
Security Operations
Environment
Path to Success
Magic Box
Building Magic Box
Define what it will do
Use case demo
Technology behind the framework
AWS Thunder Functions
Lambda Functions
AWS Step Functions
State Machines
Data Storage
Human Interaction
Atlas Core
Atlas Automation
Highlights
Call to Action
Use Cases
Question
Secret Management
Dev Environment
Taught by
Security BSides San Francisco
