[nsp-sec] CeCOS APWG summit + Incident Response on the Cloud issues

[Carles Fragoso]

Hi,

Is someone from the list attending APWG IV CeCOS Summit at Sao Paulo? It would be great to share some beers with other NSP-SEC mates. :)

Recently I have been asked to research a little bit about the issues on security operations for CERT/NSP communities on the new cloud computing paradigm. Could anyone give me some feedback about how you have managed remarkable incidents over SaaS/PaaS/IaaS environments? I have seen that some providers are designing/giving new interfaces so that the IT-Security/CERT guys (from origin organization or could get security information on demand such as logs, packet sniffing, automatic MV clonation for offline incident/forensic analysis, etc. For instance, I have seen the new xtractr app from the pcapr guys.

I would love to hear your experiences or ideas around this topic, so feel free to contact me offlist.

Thanks,

-- Carlos