Last month James Campbell, Cado Security’s Co-Founder and CEO, and Al Carchrie, Digital Forensics Solutions Engineer, provided some useful insights into performing investigations in the cloud at the SANS DFIR summit.
As data has migrated to the cloud at exponential rates, we’ve also seen an uptick in the number of cloud-based attacks. This means security and DFIR experts are required to perform cloud and container investigations more frequently, but this often feels like an impossible task. While a thorough forensics investigation requires the analysis of both cloud and host data, the lack of automation coupled with the complexity of the cloud often leaves security teams struggling to get the context they need.
In this session, James and Al share a real-life case study involving AWS Kubernetes. Further, they explore the types of cloud data available and how these sources can augment traditional host forensics to enable security and DFIR experts to understand the true impact of cloud breaches.
![](https://14518100.fs1.hubspotusercontent-na1.net/hub/14518100/hubfs/Imported_Blog_Media/setting-crime-scene-1030x579.png?width=773&height=434&name=setting-crime-scene-1030x579.png)
Don’t take our word for it; see for yourself. Conduct your own AWS Kubernetes investigation or simply gain a better understanding of the types of data sources that can be captured in AWS using the data gathered from this session.