How to implement NDR based on the AWS Well-Architected Framework


Deep visibility is paramount for securing cloud infrastructure

Network Detection and Response (NDR) tools that tease out security-centric insights from network traffic offer a uniquely honest and broad view of the environment that attackers cannot modify retroactively. Sensors deployed as AMI can receive packets from an AWS Virtual Private Cloud (VPC) traffic mirror, network proxy appliances and cloud packet brokers. Rich security metadata can be extracted and exported as log streams, making it ideal for Security Information & Event Management (SIEM) systems and other analytic tools. 

This webinar will discuss how NDR solutions can be used following the AWS Well-Architected Toolkit to further operational excellence, security, reliability, performance efficiency, and cost optimization for network security monitoring in the AWS cloud.

On demand:


Vijit Nair - Sr. Director of Cloud Product Management, Corelight

Vijit Nair is a Sr Director of Products for the Cloud Portfolio at Corelight where he focuses on building products that extend Corelight’s NSM visibility into public and private cloud environments. Previously as Director of Product - Cloud Segment at Juniper Networks, he managed their portfolio spanning Data Center Switching, Cloud Networking & Security. Prior to that, as an engineer, he built and shipped some of the fastest routers in the world and holds several patents in networking. He has a Masters from Penn State and a MBA from UC Berkeley Haas.


Roger Cheeks, Solution Engineer

Roger Cheeks is a Solution Engineer at Corelight, the company founded by the creators of the Zeek network security monitor. Roger has spent more than 20 years designing, implementing, and maintaining mission critical network and security systems. He is an expert in network analysis techniques and protocols including packets, flow, Zeek, and logs. Roger spent more than ten years architecting and implementing Splunk for Security Operations, and has supported verticals including financial, healthcare, cloud, entertainment, and more.

Richard Bejtlich

Principal Security Strategist, Corelight

Richard began his digital security career as a military intelligence officer in 1997 at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA).Previously Chief Security Strategist at FireEye, and Mandiant's Chief Security Officer when FireEye acquired Mandiant in 2013. At General Electric, as Director of Incident Response, Richard built and led the 40-member GE Computer Incident Response Team (GE-CIRT).