Josh Lemon · @joshlemon
136 followers · 41 posts · Server infosec.exchangeOne of my brilliant coauthors Megan Roddie did a write up from our SANS #FOR509 #CloudForensics class on how to extract #AWS logs for analysis.
#DFIR #CSIRT #CERT
https://www.sans.org/blog/aws-cloud-log-extraction/
#for509 #cloudforensics #aws #dfir #csirt #cert
Josh Lemon · @joshlemon
99 followers · 12 posts · Server infosec.exchangeWhat to understand how #M365 #AAD Conditional Access works and how #ThreatActors can bypass it?
Take a look at Beau Bullock's demo on using his #MFASweep tool and #ROADtools for pulling down the Conditional Access configuration.
#m365 #aad #threatactors #mfasweep #roadtools #cloudforensics
inginformatico · @inginformatico
25 followers · 6 posts · Server infosec.exchangeCloud Forensics: Obtaining iCloud Backups, Media Files and Synchronized Data by @ElcomSoft #DFIR #CloudForensics https://www.linkedin.com/posts/juantorresibanez_cloud-forensics-obtaining-icloud-backups-activity-7001102745994686464-b4iU