AWS Re:Invent // October 2015 // Las Vegas, NV

Wrangling Security Events in the Cloud

SANS Digital Forensics & Incident Response Summit // June 2017 // Austin, TX

Incident Response in the Cloud

SecTor // November 2017 // Toronto, ON, CA

Incident Response and Forensics in AWS

Cordium Regulatory Summit // February 2018 // San Francisco, CA

“Managing Cyber Security in a Digital World”

BSides SF // April 2018 // San Francisco, CA

Logging, Monitoring, and Alerting in AWS (The TL;DR) + Video

SANS DFIR Summit // June 2018 // Austin, TX

Logging, Monitoring, and Alerting in AWS (The TL;DR)* + Video

*This is an expanded presentation with additional slides containing specific Monitoring/Alerting examples for reference/use.

SecTor // October 2019 // Toronto, ON, CA

Major Pitfalls to Avoid in Performing DFIR in AWS (Slides w/ Notes)

SANS Cloud & DevOps Security Summit // November 2019 // Denver, CO

Loose Keys Bring These – Attackers and Me’s (Incident Responders)


Purple Squad Security

Episode 005 – #DFIR to Someone Else // September 2017

Episode 26 – DFIR in the Cloud with Jonathon Poling // April 2018