AWS Forensics - Additional Resources
SANS Gold Paper - Digital Forensic Analysis of Amazon Linux EC2 Instances
ABSTRACT: Companies continue to shift business-critical workloads to cloud services such as Amazon Web Services Elastic Cloud Computing (EC2). With demand for skilled security engineers at an all-time high, many organizations do not have the capability to do an adequate forensic analysis to determine the root cause of an intrusion or to identify indicators of compromise. To help organizations improve their incident response capability, this paper presents specific tactics for the forensic analysis of Amazon Linux that align with the SANS “Finding Malware – Step by Step” process for Microsoft Windows.
SANS POSTER - Finding Unknown Malware - Step by Step
Linux Memory Forensics Resources
- Linux Memory Forensics Wiki
- rekall / tools / linux / README
- Creating Volatility Linux Profiles (Debian/Ubuntu)