Cloud Security Forensics & Incident Response



This hands-on workshop supports content from FOR509: Enterprise Cloud Forensics and Incident Response.

 

Join us for an immersive hands-on workshop investigating a sophisticated attack in Google Cloud Platform. Through guided investigation using SOF-ELK, participants will analyze a compromised GenAI application deployment that leads to data exfiltration. Students will learn how organization policies affect attack paths and how to leverage cloud logging for comprehensive incident investigation.

 

Who Should Attend

This workshop is a “must-attend” for digital forensics and incident response professionals, security analysts, and cloud security engineers of all skill levels who need to develop skills in investigating, detecting, and responding to incidents across enterprise cloud environments.

 

Learning Objectives

  • Analyze Google Cloud audit logs using SOF-ELK for incident investigation
  • Understand how organization policies impact security posture and attack paths
  • Trace service account compromise and privilege escalation patterns
  • Investigate GCS bucket permission changes and data access patterns
  • Build accurate incident timelines using SOF-ELK's visualization capabilities
  • Identify security misconfigurations in IAM roles and service accounts
  • Understand the impact of folder hierarchy on security controls

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Webcast


When
Tue, Dec 10, 2024, 10:00am ET


Cost
Complimentary: $0.00




Organizer
SANS Institute

