Forensic Analysis of Container Checkpoints

Overview

Explore forensic container checkpointing, an alpha feature in Kubernetes, in this DevConf.CZ 2023 conference talk. Delve into the process of saving running container states as image files for persistent storage, enabling reconstruction of container processes and data. Discover a range of tools and methods for analyzing container checkpoints, extracting valuable information such as application memory, metadata, timestamps, open files, and network sockets. Learn techniques to recover deleted (ghost) files and examine the captured runtime state of all processes within a container. Gain insights into uncovering evidence of malicious activity through forensic analysis of container checkpoints. Presented by Radostin Stoyanov, this 26-minute talk provides a comprehensive overview of forensic analysis techniques for container checkpoints and their applications in cybersecurity.

Syllabus

Forensic Analysis of Container Checkpoints - DevConf.CZ 2023

Taught by

DevConf

Reviews

Start your review of Forensic Analysis of Container Checkpoints

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Forensic Analysis of Container Checkpoints

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

End-to-End Encryption for Container Checkpointing in Kubernetes

Forensic Analysis of Compromised VPN Appliances by Advanced Actors

Pensieve - Finding Malicious Artifacts in Container Environments

Building a Muscle Memory with Rekall Memory Forensic Framework

9 Best Kubernetes Courses for 2024

Never Stop Learning.