The document discusses AWS Detective, a service for forensic analysis and incident response, outlining its use cases and functionalities. It includes various links to resources on investigation playbooks, searching methods, reviewing GuardDuty findings, analyzing VPC flow logs, and utilizing GeoIP. Additionally, it mentions a 14-day free trial for the Cado Response platform.

1. AWS Detective
Forensics & Incident
Response
Cado Security | 1

2. What is AWS Detective?

3. What are Example Use Cases?
https://pages.awscloud.com/rs/112-TZM-766/images/2020_0122-SID_Slide-Deck.pdf

4. What are Investigation Playbooks?
https://maturitymodel.security.aws.dev/en/4.-optimized/detective/

5. How do you Search?
https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/

6. How do you review a Guard Duty Finding?
https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/

7. How do you review Connections?
https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/

8. How do you analyze detailed
VPC Flow Logs?
https://aws.amazon.com/blogs/security/investigate-vpc-flow-with-amazon-detective/

9. How do you use GeoIP?
https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/

10. Cado Response
Free 14-day trial
Receive unlimited access to
the Cado Response Platform
for 14 days.
www.cadosecurity.com/free-investigation/