SANS Cloud Security focuses the deep resources of SANS on the growing threats to the cloud by providing training, certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.
SANS Cloud Security provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your office.
That was the most lame answer ever why you would choose sentinel. You basically just said you should only use sentinel if you are all in on the Microsoft stack and then moved on to the rest of the presentation. Sentinel is awesome even if you are not using any other Microsoft service. Down voting.
I use a tool that helps with so many points you mentioned - ArmorCode - normalizes across scanners and internal data sources like CMDB + Reprioritizes based on context of internal systems + Automates manual remediation tasks + Tailored reports to various stakeholders. Check it out!
03:00 - The moment I read/heard about this video my immediate thought was "Er, just use prepared statements?", and wondered if there was going to be more than that to this video. I'll watch the rest now :) . Although I do note that in *PERL*, the last time I did that years ago, it was a bit of a pain if you had a use case where you wanted the *same* variable to be bound in more than one place in the statement. You couldn't do that and the workaround I found was to just copy the value into a temporary variable and reference *that* in the 2nd use (and so on with second temporary for a 3rd use etc).
Maybe setting up a script on the server that will digest the tail of the log every minute or so. Then report it to the SEIM. If there are indicators then store the verbose log and kick off an alert.
11:35-12:05 I'm glad you interpreted what recommendations or guidances are because people generally tend to not understand that. It's not law. It's a tested best practice or method to ASSIST you towards your goals successfully or with excellence.
Interesting perspective. The notes suggest the course eventually teaches the use of terraform to secure cloud environments. Why was terraform chosen over using the native IAC services for each provider?
