A Needle in a Haystack: Finding Threats in Billions of Cloud Logs

Discover effective strategies for identifying threats hidden within massive volumes of cloud platform audit logs in this 37-minute conference talk by Brian Davis from Red Canary. Learn how to tackle the challenge of processing over 6 billion logs per day using cloud building blocks like S3 buckets and SQS queues, as well as more advanced tools such as OpenSearch and Kubernetes. Explore techniques for creating a custom detection platform and building analytics to sift through the data deluge, transforming it into actionable alerts. Gain insights into Red Canary's approach to managing and analyzing cloud control plane logs from various platforms, including AWS CloudTrail, Google Cloud Platform Audit Logs, and Azure Activity Logs.

Syllabus

A Needle in a Haystack: How to Find a Threat Hidden in Over 6 Billion Logs Per Day - Brian Davis

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of A Needle in a Haystack: Finding Threats in Billions of Cloud Logs

Master Finance Tools - 35% Off CFI (Code CFI35)

Free courses from frontend to fullstack and AI

Taught by

Get Coursera Plus for 40% off

Dealing with Storage Data Logs in the Cloud - A Hidden Challenge

Taming LLMs to Detect Anomalies in Cloud Audit Logs

Beyond the Perimeter - Uncovering Hidden Data Exfiltration Threats in Google Cloud Platform

Understanding GCP Authentication and Principal Identification Through Cloud Audit Logs

Connecting the Cloud-Dots - Constructing a Knowledge Layer from Autonomous Attack Simulation

Power BI Fundamentals - Create visualizations and dashboards from scratch Ad

[2026] 100+ Google Cloud Certification Training Courses

8 Best Kubernetes Courses for 2026

6 Best Courses on DevSecOps in 2026

[2026] 10,000+ Free Courses from Tech Giants: Learn from Google, Microsoft, Amazon, and More

[2026] 120+ Courses to Prepare your AWS Certifications

Never Stop Learning.