Skip to content

Incident Response


Tool Description
  • Serverless framework to automate incident response and operations processes
  • Automated Security Runbooks
Guardians of the Cloud
  • Automating the Response to Security Events
  • Auth0 describes how they use security automation to respond to GuardDuty events at scale
  • Overview of the implemented architecture for the alert analysis, triage, user notification, and automated response of the AWS GuardDuty security findings on all of their AWS accounts
AWS IR Getting Started


Tool Description
awskillswitch Lambda function that streamlines containment of an AWS account compromise