Overview
Explore practical cloud antiforensics techniques in this 47-minute conference talk that demonstrates how attackers can exploit blind spots and latencies in AWS security monitoring systems. Learn how current detection, response, and forensic analysis strategies in the cloud rely heavily on AWS services like GuardDuty and CloudTrail, and discover the critical gaps that allow attackers to operate undetected for 20 minutes or more. Examine a practical approach to cloud antiforensics that focuses on attacking while understanding how defenders analyze, correlate, and respond to threats. Watch live demonstrations showing how to leverage delays in log collection supply chains and hide malware in unexpected locations that appear as legitimate system operations.

Discover the new defensive antiforensics module from the open-source Dredge project, which enables security teams to map enabled logs and their destinations, detect misconfigured or incomplete SIEM integrations, identify active detection mechanisms by service, calculate delays and attacker action windows, and implement automatic hardening and auto-remediation mechanisms with Lambda. Move beyond blind trust in what "should" be detected and start measuring real cloud exposure levels to counter a false sense of security.

Presented by Santiago Abastante, CTO at SolidarityLabs and former police officer with over 10 years of IT experience in both private and public sector incident response.
Syllabus
Practical AWS Antiforensics - Santiago Abastante - Ekoparty 2025
Taught by
Ekoparty Security Conference