From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep


Root Cause and Threat Detection

Hey guys, in this lesson, I'm going to cover root cause analysis and threat detection. So firstly, what is root cause analysis? Well, root cause analysis can refer generally to where we're trying to find the source of an issue. So it could be an application failure, it could be a network outage, it could be a variety of things. Now, in this case, the context is security. So root cause analysis in this context is the process of figuring out why a security event occurred, not just what the symptom looked like. So we know that there was something that happened, why did it happen? And so the goal is to understand the chain of events that led to the issue so we can see what caused it in the first place. And this approach will help to reveal any configurations, any settings, any controls, any actions that allowed the problem to occur in the first place. And then by finding the real cause, we can fix the underlying issue or the weakness and then try and stop it from happening again, which is…
