Forensic investigations are never easy – there’s always something that creates a problem. But most of the time enough perseverence and work, you’re able to get what you need in order to accomplish the task. A lot of this is due to long experience with on-premises forensic investigations. But what happens when the investigation moves to cloud hosted resources? How do you get the information you need in order to perform a reasonable forensic investigation when you’re dealing with virtual machines that exist “somewhere” in the Azure public cloud service?
In this article, Microsoft expert Troy Larson discusses how you can perform forensics on virtual machines that existing in Microsoft Azure. Get the details in the article How I learned to stop worrying and love the cloud: Azure Forensics for the Security Responder.