homepage
Open menu
Contact Sales

Memory Forensics Acquisition in the Cloud

As more and more organizations begin moving their resources to the cloud, analysts and responders must be prepared to operate in this new landscape. One aspect of traditional forensics that we must learn to implement in the cloud is memory forensics.

In this webcast, Mat Fuchs (author and instructor for FOR532: Enterprise Memory Forensics In-Depth) and Megan Roddie (co-author and instructor for FOR509: Enterprise Cloud Forensics and Incident Response) look at how to approach memory forensics when responding to incidents in cloud environments.

  • First, we’ll explain what cloud services fall in scope when discussing memory forensics.
  • Next we’ll discuss the tools, services, and processes that can be leveraged for acquisition, both cloud-native and third-party options.
  • Finally, we’ll wrap up with some examples of performing targeted memory analysis in the cloud.
  • At the end of this webinar, attendees should walk away with ideas for how memory analysis can be implemented in their organization’s processes and procedures.

Login to Register

Speakers

Mat Fuchs

Mathias Fuchs, is the author of  the FOR532: Enterprise Memory Forensics In-Depth course and he is also the Head of Investigation & Intelligence at the Swiss firm InfoGuard AG as well as a volunteer paramedic and a pilot. Mathias began his career teaching Linux administration and general IT security and quickly moved into penetration testing and red teaming. As his skills improved (and as breaking into customer systems got more repetitive and less demanding), Mathias sought new challenges that would expand his IT security acumen. So, he moved over to digital forensics and incident response, a field where the attacker unintentionally sets the pace and partly controls what an investigator needs to do - rather than that being dictated by the customer or the investigator.

Megan Roddie

Megan Roddie is currently working as a Senior Security Engineer at IBM. Along with her work at IBM, she works with the SANS Institute as a co-author of FOR509, presents regularly at security conferences, and serves as CFO of Mental Health Hackers. Megan has two Master's degrees, one in Digital Forensics and the other in Information Security Engineering, along with many industry certifications in a wide range of specialties. Her goal as a SANS author, especially as it relates to lab development, is to give students realistic, practical hands-on experiences that will allow them to more effectively approach real-life incidents. Megan not only fights cybercrime, but is also a highly active competitor in Muay Thai/Kickboxing.

Related Content

Blog
DFIR - Blog - Defending Against SCATTERED SPIDER and The Com with Cybercrime Intelligence_340 x 340.jpg
Digital Forensics, Incident Response & Threat Hunting
Defending Against SCATTERED SPIDER and The Com with Cybercrime Intelligence
Due to the notoriety SCATTERED SPIDER and The Com have attracted as prolific cybercriminal threats, law enforcement has been tracking them closely.
Will_Thomas_370x370.png
Will Thomas
read more
Blog
DFIR - Blog - The Importance of Cyber Threat Intelligence- Insights from Recent Nobelium Attacks_340 x 340.jpg
Digital Forensics, Incident Response & Threat Hunting
The Importance of Cyber Threat Intelligence: Insights from Recent Nobelium Attacks
The persistent and sophisticated attacks by Nobelium highlight the critical role of cyber threat intelligence.
DFIR_ICON_(1).PNG
SANS DFIR
read more
Blog
ics blog image.png
Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting
A Visual Summary of SANS ICS Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS ICS Security Summit 2024
370x370-person-placeholder.png
Alison Kim
read more