Threat Hunting AWS CloudTrail with Sentinel: Part 3

Detecting Backdoor Attacks
By Sean Fernandez | Threat Researcher | Binary Defense
In part 3 of the blog series, Threat Hunting AWS CloudTrail with Sentinel, we simulated a series of adversary attacks focusing on persistence with backdoor access to a secondary access key and temporary security credentials. The attacks were deployed on our test AWS […]
Threat Hunting AWS CloudTrail with Sentinel: Part 2

Detecting S3 Bucket Attack
By Sean Fernandez | Threat Researcher | Binary Defense
In part 2 of the blog series, Threat Hunting AWS CloudTrail with Sentinel, we simulated an attack on a misconfigured S3 bucket. The attacks were deployed on a test AWS environment that emulated a small organization with a set of users, roles, groups, and policies. We utilized Sentinel to gather raw event […]
Threat Hunting AWS CloudTrail with Sentinel: Part 1

Part 1: Intro to Threat Hunting AWS CloudTrail with Sentinel
By Sean Fernandez | Threat Researcher | Binary Defense
Note: this is a four-part blog post based on research from our threat hunting team. We will release this series over the next few weeks. The adoption of cloud has been sharply rising in recent years. […]