AWSRaid is a blue team lab that falls under the Cloud Forensics category and will cover the following subjects: Splunk, Persistence, Privilege Escalation, Credential Access.
Learning Objectives
Investigate AWS CloudTrail logs using Splunk to identify unauthorized access, analyze configuration changes, and detect persistence mechanisms.