Cloud Busting: Understanding Cloud-Based Digital Forensics

BSidesCharm 2018

Presented by: Kerry Hazelton, Tigran Terpandjian
Date: Sunday April 29, 2018
Time: 10:00 - 17:00
Location: Training 2

What, exactly, is “the Cloud”? Is it a network of machines connected via the Internet scattered all over the globe? Is it a data center environment located in the United States or anywhere in the world? Is it really just “someone else’s computer”? Or, is there more to it that needs to be understood by the Information Security professional, to arm him or her with enough knowledge to answer the tough question that inevitably will be asked by their employer, “Why should we take the risk to move our most sensitive data into the cloud?” To take it one step further, should in the event of a data breach that same employer should say, “We need to investigate how this happened;” what exactly will the Information Security professional need to know to successfully conduct a digital forensic investigation, especially if he or she doesn’t have direct access to the server or hardware?

After attending this workshop, attendees should have a greater understanding of the following subjects:

Students must arrive with laptops preinstalled with TSK/Autopsy (or a valid licensed copy of FTK or EnCase). The forensic image will be made available shortly before the conference; alternatively it will be distributed on the day of the class.

Kerry Hazelton

Kerry Hazelton's career in Information Technology has spanned the course of twenty years, and with it he has developed considerable experience with systems and network support, data center operations, and information security. As such, he considers himself a "cybersecurity enthusiast" due to his desire and motivation to read up on the latest trends within the industry, to learn about a new exploit or tool, or his willingness to teach and share with others his experiences over the years. These traits have helped him to continue to thrive in his current position as a Security Engineer for a major healthcare data analytics provider, where he is responsible for managing their cloud security controls, incident response procedures, and security process development. He also has presented technical workshops at prior Security BSides conferences, including Charm, DC, and NoVA. Kerry has been married to his wife Tracy for over fifteen years, and together they have one son, Benjamin.

Tigran Terpandjian

@th3CyF0x Tigran Terpandjian (th3CyF0x) is a Senior Analyst at Accenture Federal Services. An alumnus of the Advanced Practical Social Engineering Course taught by Social-Engineer Inc, he has been fascinated with languages, cultures, social psychology, military tactics and history since his childhood. Despite receiving a B.A in international relations with a concentration in: world politics and diplomacy (University of Richmond), he stumbled across the path of Cyber Security and decided to pull the trigger and tumble down the security rabbit hole. Along the way, he was beset by the beasts of Compliance, the SOC, FISMA and FedRAMP but found his banner under Red Teaming & Social Engineering; now a cyber threat hunter, he has creatively combined his love for red teaming and social engineering. Tigran enjoys applying red teaming, digital reconnaissance and social engineering concepts to conduct cyber threat hunting and is passionate about emulating the adversary. When not on the hunt, Tigran loves playing tennis, practicing Krav Maga, is an advocate for the inconvenient truth, writing articles on Red Team Journal and a Social Engineering novel series for Rogue Dynamics, strengthening his multilingual competency and playing/developing tactics for World of Warships. And experimenting dangerously with spices and sauces in the kitchen


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats