Services

Cloud Forensics

Cloud Forensics is a branch of Digital Forensics that specializes in the identification, acquisition, analysis, and preservation of digital evidence stored in cloud environments. Investigations in this area are complex due to the distributed nature, virtualization, and security policies of cloud providers.

Phases of Cloud Forensics

Identification

• Identifying relevant data sources.

• Recognition of involved cloud systems and services.

• Definition of the scope of the investigation.

Acquisition

• Collecting forensic data while ensuring its integrity.

• Use of techniques that avoid tampering with evidence.

• Chain of Custody Verification.

Analyses

• Studying evidence to identify suspicious activity.

• Correlation of the information collected.

• Identification of the actors involved in the event analyzed.

Conservation & Reporting

• Secure storage of digital evidence.

• Compliance with data protection regulations,

• Create detailed forensic reports.

• Submission of evidence for legal or investigative uses.

Tools for Cloud Forensics

Open Source Tools

• Magnet AXIOM Cloud – Cloud data acquisition and analysis.

• AWS CloudTrail – Track activities on AWS.

• Google Takeout – Export data from Google Workspace.

Commercial Tools

• Oxygen Forensics Cloud Extractor – Cloud data recovery.

• Cellebrite UFED Cloud Analyzer – Social Media and Cloud Analytics.

• Forensic Toolkit (FTK) – Cloud File and Log Investigation.