There’s no doubt that more organizations than ever are leveraging the cloud for storage, processing, and computing. The rapid shift to a cloud-first business approach has inevitably increased pressure on security teams as they lean on traditional DFIR tools and methods to investigate cloud incidents. Traditional DFIR methods were not developed with the cloud in mind, which is apparent at every step of the process, from collection to analysis.
The SANS 2021 Cloud Report: Partly Cloudy with a Bunch of DFIR analyzes today’s most pressing cloud DFIR challenges, while proposing a way forward for security teams and DFIR experts who are seeking a better way to manage cloud investigations and implement a cloud-first security program.
This report explores: