I’ve been blogging about building a batch job system on AWS for about two years now as time allows, documented at https://medium.com/cloud-security/automating-cybersecurity-metrics-890dfabb6198. Initially I was “just” going to quickly show how to use batch jobs to run tools to analyze security in AWS accounts. For example, I run Prowler and other proprietary tools on AWS penetration tests and I can run those tools as batch jobs. But it turned into a much bigger endeavor as I considered how to deploy and run those jobs ~ securely ~ in a production environment. In this presentation, I’ll walk through some of the threats, mitigations, and I’ll talk about some unpublished developments.
Slides: NA