Episode 26 – DFIR in the Cloud with Jonathon Poling

From the crowd to the cloud, we shift focus this episode to a topic that may be holding back some infosec professionals from embracing the cloud - namely what to do when you're attacked?  Digital Forensics and Incident Response (DFIR) is a topic we've covered in the past, but that was from a more traditional view.  I'm fortunate enough to have Jonathon Poling (@JPoForenso) join me again to revisit DFIR, but this time from a cloud perspective.  What's easier, what's harder, and what's different?  Have a listen to find out! Some links of interest: Margarita Shotgun AWS to Azure Mapping AWS to GCP Mapping Azure to GCP Mapping Duo Labs GitHub StreamAlert Netflix GitHub RepoKid NCC Group Scout2 Ponder The Bits - https://ponderthebits.com/ @JPoForenso Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com