Services
Cloud Forensics
Cloud Forensics
Cloud Forensics is a branch of Digital Forensics that specializes in the identification, acquisition, analysis, and preservation of digital evidence stored in cloud environments. Investigations in this area are complex due to the distributed nature, virtualization, and security policies of cloud providers.
Phases of Cloud Forensics
Identification
Identifying relevant data sources.
Recognition of involved cloud systems and services.
Definition of the scope of the investigation.
Acquisition
Collecting forensic data while ensuring its integrity.
Use of techniques that avoid tampering with evidence.
Chain of Custody Verification.
Analyses
Studying evidence to identify suspicious activity.
Correlation of the information collected.
Identification of the actors involved in the event analyzed.
Conservation & Reporting
Secure storage of digital evidence.
Compliance with data protection regulations,
Create detailed forensic reports.
Submission of evidence for legal or investigative uses.
Tools for Cloud Forensics
Open Source Tools
Magnet AXIOM Cloud – Cloud data acquisition and analysis.
AWS CloudTrail – Track activities on AWS.
Google Takeout – Export data from Google Workspace.
Commercial Tools
Oxygen Forensics Cloud Extractor – Cloud data recovery.
Cellebrite UFED Cloud Analyzer – Social Media and Cloud Analytics.
Forensic Toolkit (FTK) – Cloud File and Log Investigation.