Environments

Cado Security delivers broad support across multi-cloud, container, serverless, SaaS, and on-premises environments, eliminating blind spots that have previously made investigations challenging or impossible.

Supported Environments

Cado Security delivers broad support across multi-cloud, container, serverless, SaaS, and on-premises environments.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Cado Security empowers security experts to understand the impact of incidents in AWS, the most widely-adopted cloud platform. The Cado platform enables investigations of EC2 instances (including EC2 AMIs and EBS snapshots), AWS S3 buckets, AWS ECS, Amazon’s managed Kubernetes Service (AmazonEKS), AWS Lightsail, and cloud logs including Guard Duty, CloudTrail, and AWS SSM. Cado also supports processing numerous file systems including Amazon’s Linux XFS.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
AWS GovCloud

AWS GovCloud

Cado Security supports native deployment in AWS GovCloud (US). AWS GovCloud (US) is the set of Amazon's Regions designed to host sensitive data, regulated workloads, and address the most stringent U.S. government security and compliance requirements. This means that Cado customers can now perform investigations on workloads running in GovCloud in the same way as they would be able to for workloads in AWS Standard Regions.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
Microsoft Azure

Microsoft Azure

Cado Security delivers the visibility that’s required to identify and eliminate risk across Azure environments, regardless of its size and complexity. The Cado platform enables investigations of virtual machines, disks from Azure Compute, Azure Kubernetes Service (AKS), and cloud logs such as Azure activity logs. Cado also supports importing objects from Azure Blob Storage and numerous file formats including Azure’s native VHD and VHDX.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
Google Cloud Platform (GCP)

Google Cloud Platform (GCP)

Cado Security enables cloud incident response in Google Cloud Platform (GCP) environments. The Cado platform supports investigations of resources such as Google Compute Engine and Google Cloud Kubernetes Engine (GKE), including key logs and artifacts. Cado also supports the ability to acquire data from GCP Storage Buckets, which is common in the event an analyst wants to analyze disk images or zip files that have been uploaded to the bucket or to investigate its contents.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
Containers

Containers

Container-based technology has come a long way and delivers great benefits for enterprises. However, the dynamic and ephemeral nature of these resources can make it nearly impossible to investigate a potential compromise. The Cado platform enables security teams to automate the acquisition of forensically-sound data of containers to ensure critical information is not lost. Cado Security ensures security teams can quickly investigate compromises in ephemeral environments by delivering support for AWS, Azure, and GCP containerized environments. Cado also parses logs from Docker and Kubernetes.

Get the Playbook

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
Serverless

Serverless

The Cado Security platform delivers extended visibility of AWS ECS Fargate and Lambda. Cado enables security teams to capture, process, and analyze critical evidence including key files and folders from AWS Fargate – a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes (EKS). The platform also empowers security teams to investigate the execution of AWS Lambda serverless functions alongside other valuable data sources in a single timeline to deliver enhanced context to incident investigations.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
SaaS

SaaS

Organizations heavily rely on email for transfer-of-fund requests, making BEC one of the most common and expensive threats. The Cado Security platform enables security teams to acquire Microsoft 365 Unified Audit Log (UAL) to investigate and respond to Microsoft 365 compromises, such as Business Email Compromise (BEC), Account Takeover (ATO), and insider threats. With Cado, security teams can seamlessly analyze key SaaS logs alongside other critical sources captured across on-premises and cloud environments.

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.
On Premises

On Premises

Cado Security supports investigations of data captured from on-premises environments. By uploading on-premises data to an Amazon S3 bucket, Azure Blob, or a GCP Storage Bucket and importing it into the Cado platform, security teams can take advantage of Cado’s scalable architecture and processing engine, while benefiting from added context when analyzed alongside other valuable data sources.

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

Amazon Web Services (AWS)

Cado Security empowers security experts to understand the impact of incidents in AWS, the most widely-adopted cloud platform. The Cado platform enables investigations of EC2 instances (including EC2 AMIs and EBS snapshots), AWS S3 buckets, AWS ECS, Amazon’s managed Kubernetes Service (AmazonEKS), AWS Lightsail, and cloud logs including Guard Duty, CloudTrail, and AWS SSM. Cado also supports processing numerous file systems including Amazon’s Linux XFS.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

AWS GovCloud

Cado Security supports native deployment in AWS GovCloud (US). AWS GovCloud (US) is the set of Amazon's Regions designed to host sensitive data, regulated workloads, and address the most stringent U.S. government security and compliance requirements. This means that Cado customers can now perform investigations on workloads running in GovCloud in the same way as they would be able to for workloads in AWS Standard Regions.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

Microsoft Azure

Cado Security delivers the visibility that’s required to identify and eliminate risk across Azure environments, regardless of its size and complexity. The Cado platform enables investigations of virtual machines, disks from Azure Compute, Azure Kubernetes Service (AKS), and cloud logs such as Azure activity logs. Cado also supports importing objects from Azure Blob Storage and numerous file formats including Azure’s native VHD and VHDX.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

Google Cloud Platform (GCP)

Cado Security enables cloud incident response in Google Cloud Platform (GCP) environments. The Cado platform supports investigations of resources such as Google Compute Engine and Google Cloud Kubernetes Engine (GKE), including key logs and artifacts. Cado also supports the ability to acquire data from GCP Storage Buckets, which is common in the event an analyst wants to analyze disk images or zip files that have been uploaded to the bucket or to investigate its contents.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

Containers

Container-based technology has come a long way and delivers great benefits for enterprises. However, the dynamic and ephemeral nature of these resources can make it nearly impossible to investigate a potential compromise. The Cado platform enables security teams to automate the acquisition of forensically-sound data of containers to ensure critical information is not lost. Cado Security ensures security teams can quickly investigate compromises in ephemeral environments by delivering support for AWS, Azure, and GCP containerized environments. Cado also parses logs from Docker and Kubernetes.

Get the Playbook

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

Serverless

The Cado Security platform delivers extended visibility of AWS ECS Fargate and Lambda. Cado enables security teams to capture, process, and analyze critical evidence including key files and folders from AWS Fargate – a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes (EKS). The platform also empowers security teams to investigate the execution of AWS Lambda serverless functions alongside other valuable data sources in a single timeline to deliver enhanced context to incident investigations.

Get the Guide

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

SaaS

Organizations heavily rely on email for transfer-of-fund requests, making BEC one of the most common and expensive threats. The Cado Security platform enables security teams to acquire Microsoft 365 Unified Audit Log (UAL) to investigate and respond to Microsoft 365 compromises, such as Business Email Compromise (BEC), Account Takeover (ATO), and insider threats. With Cado, security teams can seamlessly analyze key SaaS logs alongside other critical sources captured across on-premises and cloud environments.

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

On Premises

Cado Security supports investigations of data captured from on-premises environments. By uploading on-premises data to an Amazon S3 bucket, Azure Blob, or a GCP Storage Bucket and importing it into the Cado platform, security teams can take advantage of Cado’s scalable architecture and processing engine, while benefiting from added context when analyzed alongside other valuable data sources.

Rapidly Deploy

You choose: Deploy in AWS, GovCloud, Azure, or GCP in minutes. All data resides in your cloud environment.

Better Understand Risk

Cado Security offers the speed, adaptability, and depth required to appropriately manage risk.

Reduce MTTR

Automation is applied to the end-to-end investigation process, accelerating path to root cause and remediation.

The Cado Advantage

Cado Security is helping organizations around the world achieve results.

6 x

Faster When compared to traditional forensics tools

48 +

Hours Saved on event triage

66 %

Cost Reduction Associated with investigations

Investigation and Response Automation

Leverage the power of the cloud to implement a robust and repeatable investigation process.

Embrace the Hybrid World

Having trouble performing investigations across a dizzying mess of multi-cloud, container, serverless, SaaS, and on-premises resources? We’ve got you covered.

Learn More

Take Advantage of Cloud Speed and Scale

Perform investigations across your entire estate in minutes, not days. Crack the case now. Why wait?

Learn More

Automate. Automate. Automate.

Automate manual investigative tasks so your team can take on more and get to the bottom of what happened faster. Every time.

Learn More

“We use Cado Security for many investigations. Cado not only speeds up the process of acquisition and analysis, but it helps us by having more information to dig through and go deeper into the investigation.”

Matteo Brunati, CEO

Agorà Security

“I can’t believe I’m now able to process a 500GB disk in just a few hours.”

Security Operations Manager

Global Gaming Company

“Cado Security is the only solution I know that supports Kubernetes and cloud. They're changing the way we do forensics.”

DFIR Director

Top 5 Global Consulting Firm

Relevant Blog Posts

The Blog

product updates

What's New in the Cado Platform Q1 2024 Recap

April 23, 2024

Over the past quarter, the Cado team has been hard at work bringing new features and enhancements to the Cado platform....

product updates

What's New in the Cado Platform Q4 Recap

February 8, 2024

In the last quarter, the Cado Security team has been working hard to release a number of new features and enhancements to...

product updates

New Features in Cloudgrep: Yara Rules, JSON Output and Log Parsing

December 5, 2023

We’ve recently added some new functionality to cloudgrep, the open source tool to search logs in cloud storage. This...

Explore More

Dive deeper into everything Cado Security has to offer.

Platform

Meet the first investigation and response automation platform and see how other teams are benefiting.

Explore More

Integrations

Cado Security integrates with a wide-range of tools to streamline the end-to-end investigation process.

Learn More

Use Cases

Cado Security enables a number of use cases to empower global organizations to respond to threats faster.

Explore More

Let's Get Started

Use the Cado Security platform to investigate any system. Anywhere. Anytime.

Platform

Environments

Integrations

Cross Cloud Investigations

Container & K8s Investigations

Endpoint Triage

BEC Investigations

Attack Containment

Incident Response Preparedness

Enterprise

MSSPs

Partners

Government

Blog

Playbooks

Reports

Cheat Sheets

News

Community

Documentation

Wiki

About

Careers

Environments