SBN

Bravo-Cado: Cloud Forensics Defying COVID-19

I worked for a couple of years with Chris Doman when I was at AlienVault. In his spare time Chris ran a popular threat intelligence portal called ThreatCrowd which AlienVault acquired when they hired him.

Chris is not one of the smartest people I’ve worked with, but also one of the nicest. I enjoyed collaborating with him over the years and learnt a lot from him. 

DevOps Connect:DevSecOps @ RSAC 2022

So, it came as no surprise when he told me that he was leaving AlienVault (since acquired by AT&T) to head out on his own to startup Cado Security with James Cambell to address the challenge of cloud forensics and response. 

A $1.5m Seed

Ever since COVID-19 and lockdowns, many organisations have been struggling to stay afloat. But Cado Security has a strong value proposition when it comes to the problem it’s addressing. Simply put, forensics on compromised systems is still hard – even more so in cloud environments like AWS and Azure; Cado Security is trying to make it easier. 

Cloud security has lots of greenfield to define what the future looks like – and with no dominant security players for now, Cado Security seems to have arrived at the right time. 

A sentiment that is shared by prolific Cyber Security investors Ten Eleven Ventures which announced a $1.5m seed investment in the firm. 

Cado plans to use the funds to expand its UK-based development team and Ten Eleven Ventures partner Mark Hatfield will join the Cado Security board of directors. 

Technology

Cado Security currently has released several free community tools which can forensically image local system drives into the cloud, acquire forensic artefacts from systems, and forensically image AWS EC2 instances. 

Cado Response is what the company describes as its next generation forensic analysis and response platform which seeks to allow organisations to respond faster, secure evidence, and automate analysis. 

It can be deployed as either a SaaS model or organisations can deploy on their own cloud. 

Breaking the Fourth Wall 

Cloud security and forensics are perhaps two of the more sought after skills within the cybersecurity industry. If Cado Security can deliver on its promise, it will be well positioned to take advantage of the market. 

The competitive landscape is still sparse at the moment. Some community efforts are underway with the likes of Open Source DFIR or Cloud Sec. Established forensics and response vendors such as Guidance Software or Access Data would likely make good partners for Cado. 

Perhaps the biggest competition would come from the cloud providers themselves. If the likes of Amazon, Google, or Microsoft bake in and offer forensics and response capabilities it could present an alternative to customers which are locked into one provider.


*** This is a Security Bloggers Network syndicated blog from Javvad Malik authored by j4vv4d. Read the original post at: http://feedproxy.google.com/~r/J4vv4d/~3/R5NOq9L0NU4/