Unraveling Threats in the Cloud: Leveraging Telemetry for Effective Detection in Google Cloud Platform
If you have ever read the Sherlock Holmes story ‘A Study in Scarlet’, you may recall the line: “If you have all the details of a thousand misdeeds at your finger ends, it is odd if you can’t unravel the thousand and first.” The lesson for defenders is that studying known threat activity in detail is what guides the development of more accurate threat detection content.
In this Techstrong Learning Experience, we’ll examine several real-world Google Cloud Platform (GCP) attacks and show how to use the available telemetry to identify and detect these attacks before they impact your own systems. In this session, we’ll cover:
- Tactics used by threat actors such as lateral movement, privilege escalation and data exfiltration.
- The types of event logging you need to aid the detection process.
- How to build targeted detections and enhance your systems’ overall security posture.