In this presentation, we will look into 5 years of accumulated experience doing security monitoring by primarily using a cloud-first approach. What lessons can be gleamed from moving security monitoring from on-premise and into the cloud, and what mistakes should you probably avoid?

Attendees can expect to learn a little bit about the different type of logs we can find in the cloud, along with some neat security features and tools that help us detect malicious activity. Combine this with a cloud-based security information and event management (SIEM) tool, and we're flying.

Don't know security monitoring? We'll cover that as well, with a quick introduction into how it's done and some dos and don'ts.

Before we all go our separate ways - let's try predicting the future! What will cloud-first security monitoring look like going forward? Is AI the way, is SOAR really as dead as Gartner want's us to believe, and will the focus on national autonomy put a damper on the adoption of cloud-based security tooling? Come and see!