Jesús Chóliz – You cannot fight against what you cannot see

Learn how to stay ahead of attackers by understanding the importance of monitoring in cloud security with key takeaways on effective log collection, analysis, and centralization.

Key takeaways
  • You can’t fight what you can’t see, so monitoring is crucial for security.
  • CloudTrail is free and provides valuable insights into AWS activity.
  • Phishing attacks are common and can be detected by monitoring logs.
  • Attackers often scan the entire Internet in a short amount of time.
  • You need a strategy to fight against attackers, not just a collection of tools.
  • Monitoring logs is important, but you need to centralize and process them efficiently.
  • Splunk is a powerful tool for log collection and analysis.
  • Web application firewalls (WAFs) can block attacks, but you still need monitoring to detect and respond to them.
  • AWS provides various tools to help with security, such as CloudTrail and GuardDuty.
  • Monitoring is not a one-time task, but an ongoing process.
  • You need to invest in security to prevent attacks.
  • Phishing attacks can be detected by monitoring user activity.
  • Attackers often reuse the same payloads and tactics.
  • You need to monitor your servers, applications, and users to detect and respond to attacks.
  • Web application firewalls (WAFs) can help protect against attacks.
  • You need to have a vision and strategy to fight against attackers.
  • Monitoring logs can help you detect and respond to attacks before they cause damage.
  • You can’t rely on a single tool or technology to protect against attacks.