Explore the critical aspects of incident response in cloud-based environments through this informative conference talk from the SANS DFIR Summit 2024. Delve into the challenges faced by security teams as organizations increasingly shift towards cloud-native setups. Learn about key log sources for essential SaaS solutions like Okta, GitHub, and Salesforce, focusing on crucial fields investigators should be aware of. Discover common pitfalls and issues in SaaS log interpretation, and gain strategies for effectively utilizing these logs in incident detection and response. Acquire insights into the complexities of monitoring and detecting activity in SaaS platforms, and benefit from a tactical cheat sheet covering these and additional SaaS products. Equip yourself with valuable knowledge to investigate future compromises and enhance detection capabilities in cloud-based environments.
The SaaS-y Side of Incident Response - Key Log Sources for Okta, GitHub, and Salesforce
Overview
Syllabus
The SaaS-y Side of Incident Response
Taught by
SANS Digital Forensics and Incident Response
Related Courses
-
Incident Response and Business Continuity Architecture Planning, Design and Implementation
-
Technical Deep Dive with Incident Response Tools
-
Incident Response Lifecycle
-
Automating Incident Response: Scalable and Fast, Within Minutes
-
Digital Forensics and Incident Response in Containerized Environments
-
SOAR with Postee - Automated Incident Response for Cloud Native Risks
