Or works as a team leader in the R&D group at Mitiga. He develops applications for Digital Forensics & Incident Response in cloud and SaaS environments. Or has a long history in the cyber security industry, working as a developer and as a security researcher. Any time not spent on developing and learning about cloud security, Or spends learning how to play the piano, dancing Salsa (former Salsa dancing teacher), and trolling other workers at Mitiga.
On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber. What are some of the logs that IR teams should be focusing on in their investigation?
In this blog, we will focus on the security and forensic aspects of Transit Gateway VPC flow logs and expand the way they can be used by organizations to respond to cloud incidents.
Cloud-based systems should be thoroughly searched for the new Log4j vulnerability (CVE-2021-44228). But this is a daunting task, since you need to search each and every compute instance, from the biggest EC2 instance to the smallest Lambda function. This is where Mitiga can help.