Cloud Security Forensics & Incident Response
This hands-on workshop supports content from FOR509: Enterprise Cloud Forensics and Incident Response.
Join us for an immersive hands-on workshop investigating a sophisticated attack in Google Cloud Platform. Through guided investigation using SOF-ELK, participants will analyze a compromised GenAI application deployment that leads to data exfiltration. Students will learn how organization policies affect attack paths and how to leverage cloud logging for comprehensive incident investigation.
Who Should Attend
This workshop is a “must-attend” for digital forensics and incident response professionals, security analysts, and cloud security engineers of all skill levels who need to develop skills in investigating, detecting, and responding to incidents across enterprise cloud environments.
Learning Objectives
- Analyze Google Cloud audit logs using SOF-ELK for incident investigation
- Understand how organization policies impact security posture and attack paths
- Trace service account compromise and privilege escalation patterns
- Investigate GCS bucket permission changes and data access patterns
- Build accurate incident timelines using SOF-ELK's visualization capabilities
- Identify security misconfigurations in IAM roles and service accounts
- Understand the impact of folder hierarchy on security controls
Relevant Government Agencies
Other Federal Agencies, Federal Government, State & Local Government
Event Type
Webcast
When
Tue, Dec 10, 2024, 10:00am ET
Cost
Complimentary: $0.00
Organizer
SANS Institute