What does this project do?
Security isn’t just prevention — it’s about response. I simulated a compromised EC2 instance flagged by GuardDuty. Using a Lambda automation playbook, the system quarantines the instance by updating security groups, captures forensic logs, and notifies security personnel via SNS.
Why does this even matter?
This project demonstrates real-world incident response in the cloud: detecting threats, containing them, and alerting the right people — all automated.
Highlights / Basic Workflow
- GuardDuty + CloudWatch detection
- Lambda-based auto-quarantine
- Forensic evidence stored securely in S3
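As an added example (not the project's own code, which is still to be published), here is a minimal version of the Lambda playbook this workflow describes: read the GuardDuty finding as EventBridge delivers it, isolate the instance by replacing its security groups, snapshot its volumes for forensics, and notify via SNS. The environment-variable names, the isolation-group and topic placeholders, the severity threshold and the `FakeAws` dry-run client are assumptions made for the example.

```python
import json
import os
# Assumed placeholders: isolation SG (no rules) and the SNS topic, supplied as env vars.
QUARANTINE_SG = os.environ.get("QUARANTINE_SG_ID", "sg-0placeholder")
SNS_TOPIC = os.environ.get("SNS_TOPIC_ARN", "arn:aws:sns:us-east-1:000000000000:placeholder")

def respond(event, ec2, sns, min_severity=7.0):
    """Playbook for one EventBridge-delivered GuardDuty finding; returns what it did."""
    detail = event["detail"]
    resource = detail.get("resource", {})
    if resource.get("resourceType") != "Instance":
        return {"action": "skipped"}  # e.g. an access-key finding: nothing to isolate
    iid = resource["instanceDetails"]["instanceId"]
    if float(detail["severity"]) < min_severity:
        return {"action": "ignored", "instance": iid}
    # 1. Contain: replace all security groups with the isolation group. Network access
    #    is cut while the instance keeps running, so memory and disk state survive.
    ec2.modify_instance_attribute(InstanceId=iid, Groups=[QUARANTINE_SG])
    # 2. Preserve: snapshot every attached EBS volume before anyone logs in and alters it.
    resp = ec2.describe_instances(InstanceIds=[iid])
    volumes = [m["Ebs"]["VolumeId"] for r in resp["Reservations"]
               for i in r["Instances"] for m in i.get("BlockDeviceMappings", [])]
    snapshots = [ec2.create_snapshot(VolumeId=v, Description=f"IR {iid}")["SnapshotId"]
                 for v in volumes]
    # 3. Notify: page the on-call channel with enough context to start triage.
    summary = {"action": "quarantined", "instance": iid, "finding": detail["type"],
               "snapshots": snapshots}
    sns.publish(TopicArn=SNS_TOPIC, Subject=f"GuardDuty: {iid} quarantined",
                Message=json.dumps(summary))
    return summary

def lambda_handler(event, context=None):
    import boto3  # imported here so the module also loads where boto3 is absent
    return respond(event, boto3.client("ec2"), boto3.client("sns"))

class FakeAws:
    """Constructed stand-in for the EC2/SNS clients so the playbook can be dry-run offline."""
    def __init__(self): self.calls = []
    def modify_instance_attribute(self, **kw): self.calls.append(("isolate", kw))
    def describe_instances(self, **kw):
        return {"Reservations": [{"Instances": [{"BlockDeviceMappings":
                [{"Ebs": {"VolumeId": "vol-0example1"}}]}]}]}
    def create_snapshot(self, **kw):
        self.calls.append(("snapshot", kw)); return {"SnapshotId": "snap-0example1"}
    def publish(self, **kw): self.calls.append(("notify", kw))

SAMPLE_EVENT = {"detail": {  # constructed, shaped like an EventBridge GuardDuty event
    "type": "UnauthorizedAccess:EC2/TorClient", "severity": 8, "resource": {
    "resourceType": "Instance", "instanceDetails": {"instanceId": "i-0example1"}}}}
```

Running `respond(SAMPLE_EVENT, FakeAws(), FakeAws())` exercises the whole contain, preserve, notify path without touching AWS; the isolation group must exist in the instance's VPC and the function's role needs only the four API calls used above.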
Demo Video
Embedded YouTube demo coming soon
More Details
Detailed walkthrough, architecture diagrams, and implementation notes will be added here.
(Coming soon: in-depth writeup and code samples.)