| Data Discovery and Classification with Amazon Macie |
Data Protection & Privacy |
This workshop is designed to help you get familiar with Amazon Macie and learn how to scan and classify data in your S3 buckets. You will be working with Amazon Macie (data classification) and AWS Security Hub (centralized security view) to view and understand how data in your environment in stored and to understand any changes in S3 bucket policies that may negatively affect your security posture. You will learn to create a custom data identifier and how to create and scope data discovery and classification jobs in Amazon Macie. Finally you will use Amazon Macie to filter and investigate the results from the scans that you created. |
Level 200 |
~2 hours |
| Zero Trust Episode 1 - The Phantom Service Perimeter |
Identity & Access Management |
Throughout this workshop we will discuss the principles of Zero Trust and how AWS enables you to implement them in the most appropriate way for your workloads. This includes how a good Zero Trust architecture is not a single product, service, or architecture, but instead the application of principles and tenets to strengthen your designs. When complete, you will have had hands on experience implementing combined network and identity controls to help eliminate lateral network mobility risk and improve the overall security posture of your workload. |
Level 200 |
~2 hours |
| AWS Network Firewall Workshop |
Network and Infrastructure Security |
Introduction to key features of AWS Network Firewall & labs - AWS Network Firewall is a highly available, managed network firewall service for your Amazon Virtual Private Cloud (Amazon VPC). It enables you to easily deploy and manage stateful inspection, intrusion prevention and detection, and web filtering to protect your virtual networks on AWS. AWS Network Firewall automatically scales with your traffic, ensuring high availability with no additional customer investment in security infrastructure. |
Level 400 |
~2 hours |
| Protecting workloads on AWS from the instance to the edge |
Network and Infrastructure Security |
Your mission in this workshop is to use AWS Web Application Firewall (WAF), Inspector and Amazon Systems Manager to help build an effective set of controls around your AWS workloads. You will learn to use AWS WAF to mitigate common attack vectors against web applications such as SQL injection and Cross Site Scripting. You will also learn how to use Amazon Inspector and Amazon Systems Manager to automate security assessments and operational tasks such as patching and configuration management across your EC2 fleet. |
Level 300 |
~2hrs |
| Scaling threat detection and response on AWS |
Threat Detection & Incident Response |
This hands-on workshop is where you will learn about a number of AWS services involved with threat detection and response as we walk through real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie and AWS Security Hub and the available response options. For each hands-on scenario, we review methods to detect and respond to threats using the following services: AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon Macie, AWS Lambda, Amazon Inspector, Amazon GuardDuty and Amazon Security Hub. |
Level 300 |
~2hrs |
| Getting Hands on with Amazon GuardDuty |
Threat Detection & Incident Response |
In this hands-on builder session, you will walk through a scenario covering threat detection and remediation using Amazon GuardDuty; a managed threat detection service. The scenario simulates an attack that spans a few threat vectors, representing just a small sample of the threats that GuardDuty is able to detect. In addition, you will look at how to view and analyze GuardDuty findings, how to send alerts based on the findings, and, finally, how to remediate findings. |
Level 300 |
~2hrs |