5

DFIR Investigations – Logs in Azure

In the previous chapter, we discussed responding to incidents in Amazon Web Services (AWS). This chapter will focus on responding to incidents in Microsoft Azure, the second most popular cloud computing product. One critical aspect of incident response in Azure is analyzing log data from different Azure services. In this chapter, we will explore the various log sources available in Azure, how to acquire them, and best practices for analyzing this data to detect, contain, and resolve security incidents in Azure. By understanding the tools and techniques available for incident response in Azure, incident response professionals can better protect and respond to an organization’s cloud infrastructure in the ...

Get Cloud Forensics Demystified now with the O’Reilly learning platform.
