"EKS Forensics & Incident Response" will explore the critical role of Elastic Kubernetes Service (EKS) in incident response and forensic investigations. The presentation will begin by discussing the current threat landscape and the need for organizations to have a well-defined incident response plan in place to mitigate risks effectively. The speaker will then delve into the various phases of incident response, including preparation, identification, containment, eradication, and recovery. The focus will be on how EKS can be leveraged to perform forensics investigations during the identification phase, with an emphasis on the tools and techniques available for gathering data and analyzing events. The talk will also cover the unique challenges associated with conducting forensic investigations in a containerized environment and the strategies for overcoming these challenges. Attendees will learn how EKS can facilitate forensic investigations in containerized environments by providing rich telemetry data, monitoring tools, and analysis capabilities. Finally, the presentation will emphasize the importance of communication and collaboration between security teams and other stakeholders in the organization during an incident. Attendees will leave with a deeper understanding of how EKS can play a vital role in incident response and forensics investigations, and practical strategies for improving their organization's security posture.