Shortly after publishing Part 1 of my G Suite DFIR blog series, I gave a talk on the topic at BSides SATX. The talk had a super engaged audience and based on a few of the questions I received it became very clear that I needed to take a step back and first tell people how to secure their environment. This post aims to provide readers with a good baseline for a secure G Suite configuration and some recommendations related to preparing for worst case scenario.
Securing G Suite
Jul 19, 2018 4:13:00 PM / by Megan Roddie posted in Security, Cloud, Google
G Suite DFIR - Part 1: Incident Response
Apr 26, 2018 4:16:00 PM / by Megan Roddie posted in DFIR, Incident Response, Forensics, Cloud, Google
Auditing G Suite Login Activity
Sep 3, 2017 4:36:00 PM / by Eric Capuano posted in Automation, DFIR, Forensics, Google
Often times during incident response activities, the responder is overwhelmed with data. The need for tools to automate the analysis and enhancement of this data is crucial.