Digital Forensics and Incident Response in Containerized Environments
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore the critical world of Digital Forensics and Incident Response (DFIR) in containerized environments through this informative conference talk. Delve into the importance of DFIR capabilities for quickly containing cyber incidents and preventing them from escalating into crises. Compare traditional DFIR approaches in on-premises infrastructures with the new methodologies required for containerized applications, with a focus on Kubernetes. Gain insights into the evolving challenges and needs of DFIR in the container era. Witness a practical demonstration showcasing best practices for incident response, including remote evidence storage for compromised pods and filesystem change extraction. Learn about the latest Kubernetes features and their impact on forensics and incident response capabilities. Enhance your understanding of DFIR techniques crucial for minimizing the impact of cyberattacks in modern containerized environments.
Syllabus
CSI Container: Can You DFIR It? - Alberto Pellitteri & Stefano Chierici, Sysdig
Taught by
CNCF [Cloud Native Computing Foundation]