Name: Cado Response in Action: Investigating ECS Fargate
Start: 2022-05-12T16:00:00Z
End: 2022-05-12T16:00:20.000Z
Location: BrightTALK
Rating: 0

Cado Security provides the first and only cloud-native digital forensics platform. Built in the cloud, for the cloud, the Cado Response platform automates data capture and processing to empower security professionals to reduce risk and respond to data breaches faster. Cado Response is the only platform that provides forensic capture of short-term data environments such as cloud-native architectures, containers and auto-scaling infrastructures. With Cado Response, enterprises gain visibility across cloud environments, enabling them to quickly and precisely understand the impact of compromises and respond to cyber incidents at cloud speed. 

Join us on Wednesday, March 2nd, at 12 PM ET to see how the Cado Response platform empowers security teams with a smarter and faster way to investigate and respond to cyber incidents in the cloud. 

This live platform tour will showcase:
- Agentless and automated collection of cloud evidence including EC2 disks, cloud logs, and more
- Timeline analysis, search, and pivoting within a single pane of glass across all data -- enhanced with threat intelligence and tagging
- Collaboration across teams and full automation support with SOAR platforms

Cado Response In Action: Cloud Investigations Made Easy

Ransomware is here to stay. And with organizations increasingly migrating their production environment to the cloud, cloud assets are increasingly part of the problem, as they are just as vulnerable as on premises systems. Join us on Tuesday, February 1st at 12 PM ET for an interactive session on performing ransomware IR investigations - from how to identify the initial compromise to tips for ransomware response and remediation. 

In this webinar, Cado incident response and threat research experts, Allan Carchrie and Paul Scott, and Matt Muir, will:
- Dissect a real-life ransomware attack which impacted a hybrid environment 
- Outline the key steps to take when performing a ransomware IR investigation
- Examine early ransomware indicators that can help reduce repeat attacks

Ransomware in a Hybrid World: How to Perform a Thorough IR Investigation

According to 2021 research, 89% of organizations experienced a negative outcome in the time between detection and investigation of a cyber attack on their cloud environments. With cloud attacks continuously growing in number and sophistication, organizations are looking for innovative ways to reduce this window of opportunity for attackers. To this end, 2022 will — without a doubt — bring DFIR transformation for the cloud era. But what will this transformation look like? Join Cado Security’s founders, James Campbell and Chris Doman, Jessica Stanford, Cado Security's CMO and Sebastien Tricaud, Director of Security Engineering at Devo to discuss what’s to come over the next year. From the top cloud threats to watch out for, to the biggest cloud DFIR challenges and trends.

What to do in 2022: Cloud DFIR Predictions

When it comes to incident response, security teams need to move fast. However, using traditional DFIR approaches, it can take weeks to manually capture and process the data needed for a detailed investigation. While this window of opportunity between detection and investigation has historically given attackers an advantage, automation flips the script.  

SentinelOne and Cado Security have joined forces to help organizations detect, investigate, and respond to incidents with unmatched speed. Utilizing the power of automation, the SentinelOne and Cado Response combined solution ensures security analysts can dive deep to determine root cause the moment they are alerted of malicious activity.  

Join us on Wednesday December 8th at 12:30 ET to see a live demonstration of the SentinelOne and Cado Response integration. In this webinar you’ll learn how: 

- The power of automation transforms the way DFIR investigations are performed — from collection to analysis 
- Leveraging the cloud for data processing radically minimizes time to evidence across on-premises, hybrid, and cloud environments 
- The combination of XDR + modern DFIR can help security teams quickly identify root cause, determine incident scope, and respond faster

Automation Flips the Script: Augmenting Real-Time Detection with Modern DFIR

Dissecting Cado Security and ESG's 2021 Cloud Digital Forensics Market Research 

Although organizations recognize the need for cloud-specific DFIR controls, a majority of security teams are — unsurprising — leaning on the traditional tools and processes they're familiar with. However, as cloud threats continue to grow in number and sophistication, it’s becoming increasingly clear that legacy DFIR methods and tools were not developed for cloud-based incidents. It takes too long, or often feels impossible, to get the data needed for a cloud investigation.
 
Join ESG experts Dave Gruber and Doug Cahill alongside Cado Security's CEO and co-founder & life-long DFIR-er James Campbell, as they dig into new cloud DFIR research findings and discuss best practices for implementing a cloud DFIR strategy.
 
In this webinar, you’ll learn:
- Current digital forensics strategies for cloud workload investigations
- How to overcome security obstacles associated with the use of containers and auto-scaling infrastructure
- How to drastically reduce time to evidence - going from days to minutes, leveraging cloud processing & automation techniques
- How to gain critical visibility across high-availability production systems, where an agent-based collection agent can't be deployed

Traditional DFIR Methods = Not Fit For Cloud

Cloud breaches are hard. Time and tool limitations coupled with the complexity of the cloud often makes it impossible for security teams to determine the true root cause, scope and impact of a security incident. Further, many of today’s sophisticated hackers leverage techniques that run in memory only -- such as fileless malware, rootkits and process hollowing -- flying completely under the radar without the proper visibility. Join James Campbell and Al Carchrie, life-long digital forensics incident responders, with decades of experience fighting sophisticated state-based hackers and cybercrime groups.

In this webinar you’ll learn:

- How automation can transform the way memory forensics is conducted across cloud and container environments
- How analyzing multiple data sources in aggregate including disk information, cloud provider logs, memory and more, can empower fully-informed decision making

Cloud and Kubernetes Memory Forensics

Join us on Thursday, May 12th, at 12 PM ET to see how the Cado Response platform empowers security teams to investigate and respond to threats at cloud speed. In this demonstration, we’ll investigate a compromised ECS Fargate instance. This platform tour will highlight the benefits of automation and cloud scale and speed when applied to incident response processes.

This live platform demonstration will showcase:
- Automated data capture of cloud evidence from containers, specifically AWS ECS
- Analysis of key suspicious activity, including alarms for XMRig
- Timeline analysis, search, and pivoting within a single pane of glass across key forensic artifacts and logs

Cado Response in Action: Investigating ECS Fargate

Cloud Security

Cloud Adoption

Serverless

Containerization

Incident Response

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Cado Response in Action: Investigating ECS Fargate

Presented by

About this talk

More from this channel