4

DFIR Investigations – Logs in AWS

Through Chapters 1 to 3, you may have recognized the importance of the cloud in today’s technological landscape, and with any technological innovation comes threats against it. As organizations use more cloud products and host and store personal or sensitive information, it is prone to unauthorized disclosure, accidentally or by threat actors exploiting a vulnerability in the configuration of the systems. This chapter will focus on how to handle incidents that have occurred within Amazon Web Services (AWS). We will discuss various log sources that are available for investigators and how investigators can make use of these log sources.

Before we can begin our investigation, we will need to understand which ...

Get Cloud Forensics Demystified now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.