Cloud Forensics Demystified: Decoding cloud investigation complexities for digital forensic professionals
Author: Ganesh Ramakrishnan (Author), Mansoor Haqanee (Author)
Publisher finelybook 出版社: Packt Publishing
Edition 版本: 1st
Publication Date 出版日期: 2024-02-22
Language 语言: English
Print Length 页数: 384 pages
ISBN-10: 1800564414
ISBN-13: 9781800564411
Book Description
Enhance your skills as a cloud investigator to adeptly respond to cloud incidents by combining traditional forensic techniques with innovative approaches
Key Features:
- Uncover the steps involved in cloud forensic investigations for M365 and google Workspace
- Explore tools and logs available within AWS, Azure, and google for cloud investigations
- Learn how to investigate containerized services such as Kubernetes and Docker
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description
:
As organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation.
The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents.
By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents.
What You Will Learn:
- Explore the essential tools and logs for your cloud investigation
- Master the overall incident response process and approach
- Familiarize yourself with the MITRE ATT&CK framework for the cloud
- Get to grips with live forensic analysis and threat hunting in the cloud
- Learn about cloud evidence acquisition for offline analysis
- Analyze compromised Kubernetes containers
- Employ automated tools to collect logs from M365
Who this book is for:
This book is for cybersecurity professionals, incident responders, and IT professionals adapting to the paradigm shift toward cloud-centric environments. Anyone seeking a comprehensive guide to investigating security incidents in popular cloud platforms such as AWS, Azure, and GCP, as well as Microsoft 365, google Workspace, and containerized environments like Kubernetes will find this book useful. Whether you’re a seasoned professional or a newcomer to cloud security, this book offers insights and practical knowledge to enable you to handle and secure cloud-based infrastructure.
About the Author
Mansoor Haqanee is a manager with KPMG Canada’s Forensic Technology team, with over six years of experience in software development, computer forensics, and incident response. Mansoor has a background in electrical engineering with a bachelor of engineering from Toronto Metropolitan University (formerly Ryerson University). Combining his education with both software development and computer forensic experience, he is equipped to provide organizations with insights into the security of their assets. Mansoor has provided technology consulting services to a wide range of industries in the education, financial services, healthcare, telecommunications, manufacturing, and government sectors, to name a few.