Automating Cloud Security and Forensics through a Secure-By-Design Generative AI Framework

As cloud environments become increasingly complex, cybersecurity and forensic investigations must evolve to meet emerging threats. Large Language Models LLMs have shown promise in automating log analysis and reasoning tasks, yet they remain vulnerable to prompt injection attacks and lack forensic...

Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster

Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotat...

Cloud Investigation Automation Framework (CIAF): An AI-Driven Approach to Cloud Forensics

Large Language Models LLMs have gained prominence in domains including cloud security and forensics. Yet cloud forensic investigations still rely on manual analysis, making them time-consuming and error-prone. LLMs can mimic human reasoning, offering a pathway to automating cloud log analysis. To...

Cloud Digital Forensic Readiness: an Open Source Approach to Law Enforcement Request Management

Cloud Forensics presents a multi-jurisdictional challenge that may undermines the success of digital forensic investigations DFIs. The growing volumes of domiciled and foreign law enforcement LE requests, the latency and complexity of formal channels for crossborder data access are challenging...

Wiz becomes the first CNAPP to provide end-to-end cloud forensics experience

Wiz helps simplify incident response in the cloud for faster investigation of security incidents...

Intro to forensics in the cloud: A container was compromised. What’s next?

Learn what tools and data sources you need to use in cloud forensics investigation and how they come into practice in a real-life example...

AzureHunter - A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365

A Powershell module to run threat hunting playbooks on data from Azure and O365 for Cloud Forensics purposes. Getting Started 1. Check that you have the right O365 Permissions The following roles are required in Exchange Online, in order to be able to have read only access to the UnifiedAuditLog:...

Acquiring a VHD to Investigate

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be...

Sleuthing the Cloud: The Challenges of Forensics in Cloud Environments

More and more companies are embracing Cloud computing for the practicality, efficiency, and economy of outsourcing the housing, maintenance, and monitoring of applications and their associated infrastructure to a third-party provider. As the Cloud becomes more the norm than the exception, there i...