FIRCY Free AWS Threat Hunting Training in Australia

FIRCY Free AWS Threat Hunting Training in Australia

We are running a series of hands-on technical workshops in the format of capture-the-flag in Australia where you will learn how to use AWS native tools and FIRCY Sense for threat hunting in the AWS cloud. You will be given an AWS account that has been breached in a number of different ways. Your mission is to discover what the adversaries have compromised and how they infiltrated the account. You will dive deep into different logs, use different tools, and follow the trail to hunt them down.

To get the most out of this workshop you should have a basic understanding of AWS, including CloudTrail, EC2, S3 and IAM.

What you will learn

  • AWS Security and related services including: CloudTrail, GuardDuty, IAM, Access Analyzer, Security Hub, Inspector, Athena.
  • Using the FIRCY Sense API for hunting and enrichment
  • Log diving at scale
  • Detection techniques
  • Indicators of compromise
  • Privilege escalation techniques
  • Persistence techniques
  • Containment techniques

Locations and dates


Wednesday 25th October 2023 10:00 - 13:00
Amazon Office, Level 37, 2 Park St, Sydney
Booking link:


Thursday 9th November 2023 09:00 - 12:00
Amazon Office, 68 Northbourne Ave, Canberra
Booking link:


Tuesday 14th November 2023 11:00 - 14:00
Amazon Office, Level 18, 8 Exhibition St, Melbourne
Booking link:


Thursday 23rd November 2023 11:30 - 14:30 AEDST
Booking link:

Follow our events page to stay up to date with future sessions:

What is FIRCY Sense?

Sense is the world’s first threat intelligence solution designed to hunt cloud-native scanners and adversaries. As organisations rely more on the cloud, our platform redefines security teams’ reach and capabilities from the ground up. Every day, we track over two million malicious events overlooked by other cybersecurity tools. Our platform provides some of the industry’s only meaningful insights into the global movements of cloud-native adversaries, scanners, bots, and more. Sense is powered by the largest network of cloud-based assets deployed for intelligence collection. The platform’s API can be used as a source for automated enrichment & data ingestion or as a standalone tool for continuous threat hunting and incident response. You can query for IP addresses, ASNs, and unique events related to your FIRCY-hosted decoys — we enrich every result with data from more than 25 sources of trusted threat intelligence for additional context.

Every attendee will be given the opportunity to trial FIRCY Sense after the session, obligation free and at no cost.


You will need to bring your own laptop and charger with a web browser and text editor, FIRCY will provide AWS accounts for use during the training.


FIRCY was founded on the back of over a decade’s worth of accumulated experience in the incident response and cloud security industry. After setting global cloud security standards for Amazon Web Services, FIRCY’s co-founder and CTO Ben Potter decided to tackle the industry’s dangerous lack of cloud-dedicated cyber defences. Today, FIRCY provides organisations with expert consultations, forensic investigations, and the industry’s first dedicated cloud threat intelligence and deception product. Our mission is to redefine modern cloud security and make proactive threat management the norm in the industry.

Related Posts

Honeypots, Canaries, and Tripwires — Moving on from outdated deception tools

Honeypots, Canaries, and Tripwires — Moving on from outdated deception tools

Imagine cyber security as a constant game of tit-for-tat between defenders and adversaries.

Read More