Beginner Lab
aws
Remediate Vulnerabilities with Amazon Inspector
Get ready to track threat actors through the cloud with ELK stack!
Description
We created this beginner-friendly lab to give hands-on experience using ELK Stack to investigate security threats in AWS. Get ready to track threat actors through the cloud!
Scenario
After noticing unusually high CPU usage on an EC2 instance, you have decided to investigate recent AWS CloudTrail logs using ELK Stack. Your mission is to determine whether any unusual activities or anomalies could be causing this.
Lab prerequisites
- Basic experience with log analysis
- Foundational security knowledge
- Foundational AWS knowledge
- Familiarity with the AWS CLI
Learning outcomes
- Know how to set up and configure ELK Stack
- Import data into ELK Stack (and resolve import issues)
- Identify and track malicious activity
- Use ELK Stack to piece together a timeline of events in a breach
- Get familiar with common AWS offensive tooling
Real-world context
ELK Stack is a free, widely used and very powerful tool. It allows defenders to accurately tell the story of what happened in a compromise or security incident.