Presentations
AWS Re:Invent // October 2015 // Las Vegas, NV
Wrangling Security Events in the Cloud
SANS Digital Forensics & Incident Response Summit // June 2017 // Austin, TX
Incident Response in the Cloud
SecTor // November 2017 // Toronto, ON, CA
Incident Response and Forensics in AWS
Cordium Regulatory Summit // February 2018 // San Francisco, CA
“Managing Cyber Security in a Digital World”
BSides SF // April 2018 // San Francisco, CA
Logging, Monitoring, and Alerting in AWS (The TL;DR) + Video
SANS DFIR Summit // June 2018 // Austin, TX
Logging, Monitoring, and Alerting in AWS (The TL;DR)* + Video
*This is an expanded presentation with additional slides containing specific Monitoring/Alerting examples for reference/use.
SecTor // October 2019 // Toronto, ON, CA
Major Pitfalls to Avoid in Performing DFIR in AWS (Slides w/ Notes)
SANS Cloud & DevOps Security Summit // November 2019 // Denver, CO
Loose Keys Bring These – Attackers and Me’s (Incident Responders)
RSA Conference 2020 // February 2020 // San Francisco, CA
Logging in the Cloud – From Zero to (Incident Response) Hero + Video
AWS re:Invent 2020 // December 2020 // Virtual
Instance Containment Techniques for Effective Incident Response
AWS re:Inforce 2022 // July 2022 // Boston, MA
Instance Memory Acquisition Techniques for Effective Incident Response
SANS DFIR Summit // August 2023 // Austin, TX
EKS Incident Response and Forensic Analysis + Video
Podcasts
Purple Squad Security
Episode 005 – #DFIR to Someone Else // September 2017
Episode 26 – DFIR in the Cloud with Jonathon Poling // April 2018
The Cloud Security Mindset
Episode 3 – Jonathon Poling, Part 1 // March 2020
Episode 4 – Jonathon Poling, Part 2 // March 2020