Title: Remediation Framework - Auto respond to AWS nightmares.

Remediation Framework is event driven, near real time, multi account, serverless platform which identifies and remediates AWS security issues to ensure AWS usage is in compliance with a set of rules. Major focus is on remediations for misconfigurations which could make resources(ec2-ami,snapshots, s3, redshift, rds..) publicly exposed, making it low lift for attackers to get foothold or data exfiltration. The framework is easily customizable, giving the ability to add new modules for AWS resources you want to watch for/automatically fix, when they become non compliant.

This talk will be structured as below:

Introductions (1-2 minutes): Brief bio of what we do.
Background (3 minutes): Introduction to the problem statement which led us to work on automated remediation.
First iteration - Independent Lambda for remediation of each resource and the challenges we faced.
Introduction to the Framework: (5 minutes) A walkthrough of the framework, how it is pieced together to support event driven remediation for multiple AWS accounts and regions.
Demo and Q&A (10 minutes): We will open source and demo the Remediation Framework by making few AWS resources publicly exposed and letting the remediation framework fix it automatically.


YouTube: https://www.youtube.com/watch?v=DSipgVlsAfo

#cloudv-general-text: https://discord.com/channels/7082082...33373172285520

Speaker(s): Sahir Khan, Justin Paglierani

Location: Cloud Vlg

Discord: https://discord.com/channels/7082082...33373172285520

Event starts: 2020-08-09 11:45 (11:45 AM) PDT (UTC -07:00)

Event ends: 2020-08-09 12:30 (12:30 PM) PDT (UTC -07:00)

For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-08-08T05:44 (UTC).