Loading…
← Back to schedule
[Virtual] OPEN Session: CSI Forensics: Unraveling Kubernetes Crime Scenes
Thursday February 20, 2025 9:30am - 9:55am PST
VIRTUAL Cloud Native World
Stefano Chierici, Sysdig, Technical Lead Manager
Alberto Pellitteri, Sysdig, Threat Research Engineer

In a security breach, employing well-defined DFIR techniques becomes imperative to effectively mitigate the incident's impact. However, with the spread of the adoption of containers, the employment of DFIR processes and capabilities is not just complex but is increasingly so. Join us in an insightful session covering cutting-edge DFIR practices on container environments. After a short overview of the essence of DFIR, we'll direct our focus towards various advanced DFIR techniques within a Kubernetes environment, which can prove highly beneficial in the event of a compromise. Starting from how to checkpoint compromised apps and restore them in a sandboxed environment for further analysis, we will move to conducting memory forensics on container evidence using old-style open-source DFIR tools. At the end of the presentation, the audience will be familiar with the advantages and disadvantages of the latest DFIR capabilities and have the basics to understand how to use them. 
Speakers
avatar for Alberto Pellitteri

Alberto Pellitteri

Threat Research Engineer, Sysdig
avatar for Stefano Chierici

Stefano Chierici

Technical Lead Manager, Sysdig
Stefano Chierici is a security researcher in Sysdig where his research focuses on defending containerized environments and cloud environments from attacks ranging from web to kernel. Stefano is one of the Falco contributors, an incubation level CNCF project. He studied cyber security... Read More →
Thursday February 20, 2025 9:30am - 9:55am PST
VIRTUAL Cloud Native World
  Cloud Native World

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link