Getting Started with DFIR for the Cloud

A Digital Forensics and Incident Response (DFIR) plan is a systematic and documented method of approaching and managing situations resulting from IT security incidents or breaches as well as collecting evidence related to those incidents or breaches. Typical digital forensics procedures and incident response plans generally assume traditional physical systems architecture and physical access to systems under investigation. To address workloads running in the cloud, modern DFIR plans must account for systems that are virtual and located off premises. Download this infographic to examine each phase and discuss the important differences when using your plan with cloud resources.