Cloud Forensics Demystified
Packt Publishing Limited (Verlag)
978-1-80056-441-1 (ISBN)
Key Features
Uncover the steps involved in cloud forensic investigations for M365 and Google Workspace
Explore tools and logs available within AWS, Azure, and Google for cloud investigations
Learn how to investigate containerized services such as Kubernetes and Docker
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionAs organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation.
The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents.
By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents. What you will learn
Explore the essential tools and logs for your cloud investigation
Master the overall incident response process and approach
Familiarize yourself with the MITRE ATT&CK framework for the cloud
Get to grips with live forensic analysis and threat hunting in the cloud
Learn about cloud evidence acquisition for offline analysis
Analyze compromised Kubernetes containers
Employ automated tools to collect logs from M365
Who this book is forThis book is for cybersecurity professionals, incident responders, and IT professionals adapting to the paradigm shift toward cloud-centric environments. Anyone seeking a comprehensive guide to investigating security incidents in popular cloud platforms such as AWS, Azure, and GCP, as well as Microsoft 365, Google Workspace, and containerized environments like Kubernetes will find this book useful. Whether you're a seasoned professional or a newcomer to cloud security, this book offers insights and practical knowledge to enable you to handle and secure cloud-based infrastructure.
Ganesh Ramakrishnan is a senior manager at KPMG Canada's Incident Response team, with over 12 years of incident response experience. He leads a dynamic team focused on responding to and managing incidents for organizations across various industry sectors, working with KPMG's incident response teams globally. He has led numerous incident response cases, including high-profile ones, and collaborated with law enforcement agencies worldwide. Apart from assisting organizations during crises, Ganesh also helps them prepare for incidents and educates them on handling them. Ganesh has a master's in computer application and an MSc in network and information security. He also holds CISSP, SANS GCFA, and SANS GNFA certifications. Mansoor Haqanee is a manager with KPMG Canada's Forensic Technology team, with over six years of experience in software development, computer forensics, and incident response. Mansoor has a background in electrical engineering with a bachelor of engineering from Toronto Metropolitan University (formerly Ryerson University). Combining his education with both software development and computer forensic experience, he is equipped to provide organizations with insights into the security of their assets. Mansoor has provided technology consulting services to a wide range of industries in the education, financial services, healthcare, telecommunications, manufacturing, and government sectors, to name a few.
Table of Contents
Introduction to the Cloud
Trends in Cyber and Privacy Laws and Their Impact on DFIR
Exploring the Major Cloud Providers
DFIR Investigations – Logs in AWS
DFIR Investigations – Logs in Azure
DFIR Investigations – Logs in GCP
Cloud Productivity Suites
The Digital Forensics and Incident Response Process
Common Attack Vectors and TTPs
Cloud Evidence Acquisition
Analyzing Compromised Containers
Analyzing Compromised Cloud Productivity Suites
Erscheinungsdatum | 15.12.2023 |
---|---|
Verlagsort | Birmingham |
Sprache | englisch |
Maße | 191 x 235 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Mathematik / Informatik ► Informatik ► Web / Internet | |
ISBN-10 | 1-80056-441-4 / 1800564414 |
ISBN-13 | 978-1-80056-441-1 / 9781800564411 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich