Home Specialist skills Security FOR509: Enterprise Cloud Forensics and Incident Response
FOR509: Enterprise Cloud Forensics and Incident Response
-
Understand forensic data only available in the cloud
-
Implement best practices in cloud logging for Digital Forensics and Incident Response (DFIR)
-
Learn how to leverage Microsoft Azure, AWS and Google Cloud Platform resources to gather evidence
-
Understand what logs Microsoft 365 and Google Workspace have available for analysts to review
-
Learn how to move your forensic processes to the cloud for faster data processing
Overview
Off the shelf (OTS)
The world is changing and so is the data we need to conduct our investigations. Cloud platforms change how data is stored and accessed. They remove the examiner's ability to directly access systems and use classical data extraction methods. Unfortunately, many examiners are still trying to force old methods for on-premise examination onto cloud-hosted platforms.
Rather than resisting change, examiners must learn to embrace the new opportunities presented to them in the form of new evidence sources. FOR509: Enterprise Cloud Forensics and Incident Response addresses today's need to bring examiners up to speed with the rapidly changing world of enterprise cloud environments by uncovering the new evidence sources that only exist in the Cloud.
Delivery method
Face to face
Virtual
Digital
Course duration
48 hours
Competency level
Expert
Delivery method
-
Face to face
-
Virtual
-
Digital
Course duration
48 hours
Competency level
-
Expert
Spark login – Alpha testing