Playbook
Leveraging Log Data for Incident Readiness
Being impacted by an incident is a ‘when, not if’ situation.
Ensuring your organization is prepared to investigate and respond to potential cloud threats is vital to appropriately managing risk.
The rapid migration to cloud-based, container-based and serverless technologies requires security teams to adopt a proactive approach to cloud incident response. A large part of ensuring you organization is prepared to handle potential threats is making sure all of the right cloud logging is turned on.
This playbook covers logging best practices to ensure your organization is prepared to perform incident response investigations in AWS, Azure and GCP environments.