Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Forensics Demystified
  • Table Of Contents Toc
Cloud Forensics Demystified

Cloud Forensics Demystified

By : Ganesh Ramakrishnan, Mansoor Haqanee
4.4 (9)
close
close
Cloud Forensics Demystified

Cloud Forensics Demystified

4.4 (9)
By: Ganesh Ramakrishnan, Mansoor Haqanee

Overview of this book

As organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation. The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents. By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents.
Table of Contents (18 chapters)
close
close
Lock Free Chapter
1
Part 1: Cloud Fundamentals
6
Part 2: Forensic Readiness: Tools, Techniques, and Preparation for Cloud Forensics
10
Part 3: Cloud Forensic Analysis – Responding to an Incident in the Cloud

GCP Cloud Shell

Cloud Shell is GCP’s native command-line tool that allows access to various GCP services over a command-line interface. GCP Cloud Shell, a browser-based shell environment, can be used to investigate and identify potential security incidents for threat-hunting activities. Investigators can also use Cloud Shell to turn a service such as packet mirroring on or off. It also has an interactive code editor for users or investigators who want to import custom code, enabling Cloud Shell to perform certain activities. GCP’s Cloud Shell can also be accessed locally through the Google Cloud SDK or an in-browser session.

GCP offers essential command-line tools, specifically gcloud and gsutil. gcloud provides access to general GCP services such as GCE, BigQuery, and so on. In comparison, gsutil is a specific utility tool to access storage buckets.

Through gcloud, investigators can access Logs Explorer and collect all the associated logs for offline analysis....

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Forensics Demystified
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon