Automated Incident Response Workflow with Trend Micro, AWS, and ServiceNow

1. Triggering Event

A simulated security event (e.g., malware detection or abnormal CPU activity) occurs on an AWS EC2 instance.

2. Threat Detection

This event is detected and logged by Trend Micro Cloud One – Workload Security, which monitors workload-level threats in real time.

3. Alert Notification

Upon detection, an alert is sent to an AWS SNS (Simple Notification Service) Topic, initiating downstream notifications and workflows.

4. Response Actions

  • Email Notification: The SNS topic sends an email alert to notify relevant stakeholders.
  • Automated Ticket Creation: Simultaneously, the SNS topic invokes an AWS Lambda function that runs a Python script. This script integrates with ServiceNow via its REST API to automatically create a new incident ticket for tracking and response.
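The following is an added example of the Lambda side of the steps above; it is not the project's own script. It parses an SNS-triggered Lambda event, maps each alert to a ServiceNow incident using the Table API endpoint (`/api/now/table/incident`) with HTTP Basic auth, and returns the created `sys_id`s. The alert JSON fields (`event_type`, `severity`, `host`), the severity-to-urgency mapping, the environment variable names and the sample event are all constructed assumptions; in production the ServiceNow credentials should come from AWS Secrets Manager or SSM Parameter Store rather than plain environment variables, and the HTTP call is injectable so the flow can be tested offline.

```python
import base64
import json
import os
import urllib.request

# Agent-reported severity -> (urgency, impact); "1" is high, "3" is low.
# Constructed mapping: the original page does not specify one.
SEVERITY_MAP = {
    "critical": ("1", "1"),
    "high": ("1", "2"),
    "medium": ("2", "2"),
    "low": ("3", "3"),
}


def parse_sns_event(event):
    """Return the alert dicts carried in an SNS-triggered Lambda event.

    A missing Records key fails loudly (misconfigured trigger) instead of
    creating junk tickets; a non-JSON message body is wrapped so it still
    produces a ticket rather than being silently dropped.
    """
    records = event.get("Records")
    if not records:
        raise ValueError("event carries no SNS Records")
    alerts = []
    for rec in records:
        raw = rec["Sns"]["Message"]
        try:
            alert = json.loads(raw)
        except (TypeError, ValueError):
            alert = {"event_type": "unparsed", "message": raw}
        alerts.append(alert)
    return alerts


def build_incident(alert):
    """Map one alert into a ServiceNow incident payload (Table API field names)."""
    severity = str(alert.get("severity", "medium")).lower()
    urgency, impact = SEVERITY_MAP.get(severity, SEVERITY_MAP["medium"])
    host = alert.get("host", "unknown-host")
    event_type = alert.get("event_type", "security-event")
    return {
        "short_description": f"[Workload Security] {event_type} on {host}",
        "description": json.dumps(alert, indent=2, sort_keys=True),
        "urgency": urgency,
        "impact": impact,
        "category": "Security",
    }


def post_json(url, payload, user, password):
    """POST a JSON body with HTTP Basic auth and return the decoded JSON reply."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(
        url,
        data=json.dumps(payload).encode(),
        method="POST",
        headers={
            "Content-Type": "application/json",
            "Accept": "application/json",
            "Authorization": f"Basic {token}",
        },
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def create_incidents(event, instance, user, password, post=post_json):
    """Create one incident per SNS record and return the ServiceNow sys_ids."""
    url = f"https://{instance}.service-now.com/api/now/table/incident"
    created = []
    for alert in parse_sns_event(event):
        reply = post(url, build_incident(alert), user, password)
        created.append(reply["result"]["sys_id"])
    return created


def lambda_handler(event, context):
    """Lambda entry point; configuration is read from the environment (assumed names)."""
    ids = create_incidents(
        event, os.environ["SN_INSTANCE"], os.environ["SN_USER"], os.environ["SN_PASSWORD"]
    )
    return {"statusCode": 200, "body": json.dumps({"incidents": ids})}


# Constructed sample SNS->Lambda event for offline runs.
SAMPLE_EVENT = {
    "Records": [{"Sns": {"Message": json.dumps({
        "event_type": "malware_detected",
        "severity": "critical",
        "host": "i-0123456789abcdef0",
        "file": "/tmp/suspicious.bin",
    })}}]
}


def _fake_post(url, payload, user, password):
    """Offline stand-in for post_json: echoes a constructed sys_id."""
    return {"result": {"sys_id": "fake-sys-id-0001", "number": "INC0000001"}}


if __name__ == "__main__":
    print(create_incidents(SAMPLE_EVENT, "dev00000", "svc", "secret", post=_fake_post))
```

Running the file locally uses `_fake_post`, so no ServiceNow instance is contacted; deployed as a Lambda with an SNS trigger, `lambda_handler` is the entry point and `post_json` makes the real call. Unknown severities fall back to medium urgency so an unexpected value still yields a ticket rather than an exception.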

  • This is still in progress; will post a video once done editing.