Azure Blob Container Threats & Attacks
The following post focuses on Azure Blob Container, its risks, how it builds, and how to attack with a specific scenario. Before reading this post, let me ask you a few questions and know if...
Tagged: Incident Response
DFIR Tools 4 All
This post contains many digital forensics and incident response tools for Endpoints, Cloud vendors, and more. The tools below include open-source, commercials, and other free tools for day-to-day investigation and forensics. General Tools EnCase is...
Cloud Chain of Custody
This post is focused on the Chain of Custody in general and some of the implications of the Cloud. If you are looking for CoC scenarios and how they affect the Cloud, the following post...
Azure AD Incident Response Life-Cycle & Tools
The Azure AD Incident Response methodology is a critical life-cycle, process, and tool that anyone using identities on Azure, Office 365, and third-party clouds can count on. The Azure AD Incident Response explores how Azure...
Log4j INCIDENT RESPONSE
The following post will assist you with the Log4j incident response process based on the familiar tools, mitigate options, and the information from the vendors and community. Introduction On Dec. 9, 2021, a remote code...
Kubernetes Incident Response
Kubernetes Incident Response, How does it look like?ย Your ability to react quickly to a security incident can differentiate between a significant incident and a small one. For sure, it can help minimize damage caused by...
Azure AD Incident Response Life Cycle and Process
The Azure AD Incident Response methodology is a critical life-cycle, process, and tool that anyone using identities on Azure, Office 365, and third-party clouds can count on. The Azure AD Incident Response explores how Azure...
Azure Sentinel and Sysmon 4 B!ue T3amer$
Recently, there have been massive cyberattacks against cloud providers and on-premises environments, the most recent of which is the attack and exploitation of vulnerabilities against Exchange servers – Theย HAFNIUM. This post focus on Azure Sentinel...
