Facilitating Fluffy Forensics 2.0

  • Webcast Aired Thursday, 24 Mar 2016 11:00AM EDT (24 Mar 2016 15:00 UTC)
  • Speaker: Andrew Hay

Cloud computing enables the rapid deployment of servers and applications, dynamic scalability of system resources, and helps businesses get products to market faster than ever before. Most organizations are aware of the benefits of adopting cloud architectures and many are becoming aware of the potential security risks. The majority of organizations, however, don't realize the numerous challenges of conducting incident response (IR) activities and forensic investigations across public, private, and hybrid cloud environments.

It's not all doom and gloom, however. The consumption model of cloud architectures actually lends itself to helping investigators conduct forensic and IR exercises faster and more efficiently than on a single workstation. For this to happen, however, the tools and techniques employed must evolve...but have they?

In this session, DataGravity CISO Andrew Hay will revisit the forensic and IR challenges of investigating servers and applications in cloud environments in addition to the opportunities that cloud presents to help expedite forensic investigations. . Topics that will be discussed include:

  • Traditional forensics and IR
  • Cloud architectural challenges for responders
  • Chain-of-custody and legal issues across architectures and regions
  • How existing forensics/IR tools can help - and what they can do better
  • Advantages of conducting forensics/IR in cloud environments

Will you be the hunter or the prey?

Join us April 12-19, 2016 in New Orleans, LA for the Threat Hunting & Incident Response Summit and Training. This event was created to provide you with the methodic preparation to cull your adversaries from your network before you become their prey.
Learn to hunt down the enemy before it hunts you:

  • Master the latest techniques needed to properly identify compromised systems
  • Contain Security breaches and rapidly remediate the incidents
  • Stop adversaries from further compromising your enterprise systems