Engineering teams that build, scale, and manage cloud-based applications on AWS know that at some point in time, their applications and infrastructure will be under attack. But as applications expand and new features are added, securing workloads in AWS becomes an increasingly complex task.
To add visibility and audibility, AWS CloudTrail tracks the who, what, where, and when of activity that occurs in your AWS environment and records this activity in the form of audit logs. …
In this post I will show how we can use fake access keys, to detect compromised instances in our production environment.
We will talk about how to detect intruders early on systems, with real-time alerts. We won’t discuss mitigations or protections to prevent this kind of attack.
Before we talk about the solution proposed, we will see some concepts related to security.
¿yes? ¿100% sure?
Even though a system could be secure, ever it’s feasible to be hacked, and in most cases, it’s probable that has been attacked and you haven’t ever noticed about that.
Hackers are experts in infiltrating…