Cloud Forensics Workshop and CTF Challenge

Presented at BSidesDC 2019, Oct. 27, 2019, 8:30 a.m. (450 minutes)

The Cloud. From email to storage, to social media and computing; we use it in our everyday lives and it impacts all aspects of technology. What started out as simple online storage has grown and expanded, and cloud computing today forms the basis for performing powerful processing capabilities at a fraction of traditional equipment costs. While there are now many Cloud providers, one question remains: Is the Cloud truly secure? What were to happen if a data breach in the Cloud occurred, and more importantly, what information will the security professional need to know in order to conduct a forensics investigation?

The focus of this training will be two-fold; first, to provide a high-level cloud-agnostic overview of Cloud computing, to identify some of its risks, and explore some of the tools and techniques that are used during a cloud-based digital forensics investigation. Second, students will form into teams and battle it out in a CTF-style challenge to test their comprehension of the material and their skill sets by investigating a digital image of a Cloud-based server, searching for "flags" to redeem in order to earn points and compete for some sweet prizes from our friends at No Starch Press!

Presenters:

• Kerry Hazelton
  Kerry Hazelton’s career between Information Technology and Security has spanned the course of over twenty years, and with it he has developed considerable experience with systems and network support, data center operations, and information security. As such, he considers himself a “cybersecurity enthusiast” due to his desire and motivation to read up on the latest trends within the industry, to learn about a new exploit or tool, or his willingness to teach and share with others his experiences over the years. He also has presented technical workshops on the tools and procedures often used in security analysis and cloud-based digital forensics at prior conferences including BSides Charm, DC, and NoVA; which helped to form the basis for the Cloud Forensics Challenge he currently runs. Additionally, he gave a talk at his hometown inaugural BSides Idaho Falls conference about his experiences as an instructor, and the importance of mentoring the next generation of hackers.

Links:

• https://bsidesdc2019.busyconf.com/schedule#activity_5cb52ddb3c54b6b4a30000ac

Similar Presentations:

• DEF CON 19 (2011) / Bulletproofing The Cloud: Are We Any Closer To Security?
• Diana Initiative 2020 Virtual / Guardians of the cloud: the sysadmin's guide to cloud security
• ToorCon: Seattle (Beta) (2007) / Anycast Cloud Bursting