Classic Intrusion Analysis Frameworks for AWS Environments: Application and Enhancement

Publication date: March 31, 2021 (Document history)

Classic Intrusion Analysis Frameworks for AWS Environments: Application and Enhancement

Abstract

Today, many Chief Information Security Officers (CISOs) and cybersecurity practitioners are looking for an effective cybersecurity methodology that will help them achieve measurably better security for their organization. One approach that has helped some organizations is to use classic intrusion analysis frameworks to analyze cybersecurity risks and provide methodologies and technologies for responding to attacks.

This paper provides background context on classic intrusion analysis frameworks, and shows how the transition to the cloud undermines some of its key premises, naturally disrupting modern attacker intrusion methods, i.e. “breaking intrusion kill chains”. This paper outlines how to use both the classic intrusion analysis framework and the AWS Cloud to address external threats to your AWS environment’s security.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Introduction