Getting the big picture
AWS Security Logging
Security Logging in Cloud Environments - AWS
If you had to architect a multi-account security logging strategy, where should you start? This blog, part of the " Continuous Visibility into Ephemeral Cloud Environments " series, will describe a design for a state of the art multi-account security-related logging platform in AWS.
Incident Response Guides
These run-books are created to be used as templates only. They should be customized by administrators working with AWS to suit their particular needs, risks, available tools and work processes. These guides are not official AWS documentation and are provided as-is to customers using AWS products and who are looking to improve their incident response capability.
Digging into AWS specific use cases: Detecting Credentials Compromise in AWS
BSidesSF 2019: DevSecOps State of the Union
There have been many great talks, tools, and blog posts in the security automation / DevSecOps space over the past few years. This talk attempts to aims to gather, organize and provide references to particularly useful resources in a number of domains. In all, around 40 other talks are referenced in this 30 minute talk.