Presentations

AWS Re:Invent // October 2015 // Las Vegas, NV

Wrangling Security Events in the Cloud

SANS Digital Forensics & Incident Response Summit // June 2017 // Austin, TX

Incident Response in the Cloud

SecTor // November 2017 // Toronto, ON, CA

Incident Response and Forensics in AWS

Cordium Regulatory Summit // February 2018 // San Francisco, CA

“Managing Cyber Security in a Digital World”

BSides SF // April 2018 // San Francisco, CA

Logging, Monitoring, and Alerting in AWS (The TL;DR) + Video

SANS DFIR Summit // June 2018 // Austin, TX

Logging, Monitoring, and Alerting in AWS (The TL;DR)* + Video

*This is an expanded presentation with additional slides containing specific Monitoring/Alerting examples for reference/use.

SecTor // October 2019 // Toronto, ON, CA

Major Pitfalls to Avoid in Performing DFIR in AWS (Slides w/ Notes)

SANS Cloud & DevOps Security Summit // November 2019 // Denver, CO

Loose Keys Bring These – Attackers and Me’s (Incident Responders)

RSA Conference 2020 // February 2020 // San Francisco, CA

Logging in the Cloud – From Zero to (Incident Response) Hero + Video

AWS re:Invent 2020 // December 2020 // Virtual

Instance Containment Techniques for Effective Incident Response

AWS re:Inforce 2022 // July 2022 // Boston, MA

Instance Memory Acquisition Techniques for Effective Incident Response

SANS DFIR Summit // August 2023 // Austin, TX

EKS Incident Response and Forensic Analysis + Video

Podcasts

Purple Squad Security

Episode 005 – #DFIR to Someone Else // September 2017

Episode 26 – DFIR in the Cloud with Jonathon Poling // April 2018

The Cloud Security Mindset

Episode 3 – Jonathon Poling, Part 1 // March 2020

Episode 4 – Jonathon Poling, Part 2 // March 2020