The ENGENSEC representatives, Anders Carlsson, general manager and developer from Digital Forensics team (BTH, Sweden), and Alexander Adamov, leader of Malware analysis team (KhNURE, Ukraine), focused the attention of visitors on the questions related to the Digital Forensics in the cloud – “Cloud Forensics vs. OpenStack”
Comprehensive logging as a way to mitigate a repudiation attack and find the traces of the attacker when an incident happens was discussed during the presentation. Another highlighted issue was exhilarating digital evidence in a multi-tenant environment. Compute node logs that represent digital evidence may lead to confidentiality violations if the node includes additional tenants who are not related to the incident. The presenters analyzed the ability of the OpenStack forensic tools that applying in OpenStack.
At the end of the panel, experts gave recommendations on how to prepare your organization for the inevitable security attack, with the consensus being that the best way to handle an incident is to prevent or block the attack at the very beginning, thus, simplifying the investigation process and minimizing losses.
The source of original article https://www.mirantis.com/blog/barcelona-summit-notes-security-track/