Renzon Cruz, a Filipino security professional living in Dubai who works as Digital Forensics & Incident Response in a FinTech company based in the UK. He previously worked as Senior Security Consultant as part of a National Cyber Security Agency in Doha, Qatar. Prior to working in Dubai, he was also assigned as Sr. Security Analyst & Incident Responder and was also a previous college instructor at New Era University, Philippines. He was also accepted to various international conferences as a speaker such as BSides Vancouver (2019), BSides London (2019), BSides Doha (2020), and ROOTCON Hacking Conference (2020). He is also a co-founder, course developer, and instructor of GuideM, a real-world cybersecurity training center based in the Philippines. He also holds different certifications such as GCFA GCFE, GCIH, eCTHP, eCDFP, eJPT, CFR. He is mainly interested in defensive strategy, threat hunting, digital forensics, and incident response, malware analysis, adversary simulation.
Digital Forensics & Incident Response | Co-Founder of GuideMModerator? – no Website (full URL) – Twitter account (full URL) – LinkedIn profile (full URL) –
Q&A and discussion for the cloud security block, hosted and moderated by Max Habra. Questions will be gathered from the audience during the three prior talks.
In this presentation, I will discuss the key forensic artifacts that can be used whenever DFIR professionals encounter cloud storage services into the host such as OneDrive, GoogleDrive, Box and Dropbox. These are all essentials especially when the attacker or insider threat leverage these services to exfiltrate data. I will also show how to perform data acquisition to get these artifacts in forensically sound manner.