Cloud forensics and incident response platform

Patent Number: 11,113,388
Issued: 9/7/2021
Official Filing: View the Complete Patent
Abstract: A system, method, and device for cloud forensics and incident response is provided. In an embodiment, a computer-implemented method for performing cloud forensics and incident response includes intercepting, by a cloud incident response module (CIRM), communication between a virtual machine (VM) and a hypervisor. The method also includes extracting, by the CIRM, data from the communication between the VM and the hypervisor according to a forensic policy. Intercepting and extracting the data are transparent to the VM and to the hypervisor. Intercepting and extracting the data are independent of the VM and the hypervisor.
Filed: 7/31/2018
Application Number: 16/51,005
Government Interests: STATEMENT OF GOVERNMENT INTEREST This invention was made with Government support under Contract No. DE-NA0003525 awarded by the United States Department of Energy/National Nuclear Security Administration. The Government has certain rights in the invention.