AWS Cloud attack response demo

UnderDefense MDR in action:

Watch live AWS Cloud attack response demo

The award-winning MDR team uses the UnderDefend MAXI platform as to detect, investigate, and respond quickly and effectively to an attack on the cloud in real time.

Mon, May 20

11 AM EST | 5 PM

Agenda:

10 min UnderDefense MAXI product introduction
25 min real-life attack response
10 min Q&A session

Speakers

Devin Lalani

CyberSecurity Expert

Helping businesses to find the most suitable security solutions for their unique needs.

Andriy Hural

MDR & IR Director

Cybersecurity Veteran, Incident Response Expert, and MDR/IR Director at UnderDefense.

Vasyl Herman

DevSecOps Engineer

Guiding a high-performing DevSecOps team to secure your organization’s cloud infrastructure.

UnderDefense MDR Incident Response Workflow during attack on AWS Cloud

An attacker exploits a vulnerable PHP application hosted on EKS (Elastic Kubernetes Service) to inject a web-shell script into the Web Directory and gain initial access to the AWS Environment.

UnderDefense's MDR team detects compromises in file integrity and exfiltration of instance credentials through UnderDefense MAXI Integrations. generic alerts coming from various integrations (Security Hub, Elastic Cloud).

Enrichment starts with running the pre-defined automation Playbook.

Security Incidents created in the UnderDefense MAXI for further enrichment, tracking, and processing by a security analyst.

The team closely monitors the attacker's attempts to maintain persistence within the AWS Environment. The SOC analyst investigates the enriched data of the alert and defines the verdict.

Speakers show the other side of the AWS Cloud attack experience: how fast a client is informed about the attack and receives the necessary guidelines on remediation to minimize the impact on business.

The SOC analyst closes the incident after the threat is contained and eradicated.

This webinar is designed for:

CISO, CIO, CTO, and other IT and Security Executives

Discover a new tool that has a strategic value in protecting the cloud environment and the overall business.

Business and Digital Leaders

Helping to visualize the potential consequences and the importance of proactive defense without breaking the bank.

Cybersecurity Managers

Stay up-to-date on the latest threats and tactics, giving a realistic picture of how these attacks unfold.

Cybersecurity Engineers

Gain valuable knowledge about attack methods, evaluate security solutions, and learn best practices for securing the cloud.

You will learn

How you can orchestrate and  maximize the work of your  security tools.

How an experienced MDR team effectively detects and responds  to attack.

How an alert can be a comprehensive answer about the threat, providing more context for investigation.

How using a custom database of correlation rules can significantly faster threat detection and response.

How Playbooks can automate initial response actions, saving time and ensuring effectiveness.

How as a client you are getting informed about the threat, provided remediation guidelines and necessary security awareness training.

Learn how to automate routine tasks and keep your business protected 24/7