Introducing the AWS Customer Incident Response Team
🔒 The AWS Customer Incident Response Team (CIRT) is a 24/7 global team that helps customers during active security events affecting the customer side of the Shared Responsibility Model. The team analyzes AWS service logs and the control plane using sources like AWS CloudTrail, VPC Flow Logs, and GuardDuty, provides triage and containment guidance, and recommends follow-up actions. AWS also publishes tools, workshops, and the Threat Technique Catalog for AWS (TTC) to help customers prepare and detect recurring tactics and techniques.
