Cloud Security Forensics & Incident Response - Aviata Cloud Solo Flight Challenge Chapter 9

  • Tue, Dec 10, 2024
  • 10:00AM - 12:00PM UTC
  • English
  • Megan Roddie-Fonseca & Terrence Williams
  • Technical Presentation

This hands-on workshop supports content from FOR509: Enterprise Cloud Forensics and Incident Response.

 Join us for an immersive hands-on workshop investigating a sophisticated attack in Google Cloud Platform. Through guided investigation using SOF-ELK, participants will analyze a compromised GenAI application deployment that leads to data exfiltration. Students will learn how organization policies affect attack paths and how to leverage cloud logging for comprehensive incident investigation.

 Who Should Attend

 This workshop is a “must-attend” for digital forensics and incident response professionals, security analysts, and cloud security engineers of all skill levels who need to develop skills in investigating, detecting, and responding to incidents across enterprise cloud environments.

 Learning Objectives

  • Analyze Google Cloud audit logs using SOF-ELK for incident investigation
  • Understand how organization policies impact security posture and attack paths
  • Trace service account compromise and privilege escalation patterns
  • Investigate GCS bucket permission changes and data access patterns
  • Build accurate incident timelines using SOF-ELK's visualization capabilities
  • Identify security misconfigurations in IAM roles and service accounts
  • Understand the impact of folder hierarchy on security controls
