Skip to main content

Incident Response and Threat Detection

July 18, 2024

Playbooks for cloud security incidents detection pipelines, containment, forensics, and post-mortem practices for DevSecOps teams.


Purpose

This research track captures operational security knowledge: how to detect threats in cloud logs, respond under pressure, and improve systems after incidents.

Topics

  • SIEM log pipeline design (CloudTrail, VPC Flow, K8s audit)
  • Alert tuning and on-call runbooks
  • Containment without breaking the business
  • Blameless post-mortems and control improvements