Cado

Cado provides broad support across multi-cloud, container and serverless environments, eliminating blind spots that have previously made forensics and incident response challenging or impossible.

Data is moving to the cloud. Cyber attackers are moving to the cloud. Yet when security teams need to respond to a threat in a modern environment, it’s incredibly complex and time consuming. The Cado platform leverages the scale, speed and automation of the cloud to expedite forensics and incident response. Find out how your team can benefit.

Abilities:

• Cross Clud Investigations - Investigate incidents identified in Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) in a single pane of glass.
• Container Investigations - Perform forensics and incident response in container environments including EKS, AKS, and Kubernetes.
• Triage and Full Disk Acquisition - Automate triage acquisition and full volume captures of cloud resources for immediate investigation.
• Evidence Preservation -Ensure evidence residing in ephemeral environments is immediatly captured and preserved before it disappears.
• Incident Containment - Perform remediation actions including stopping, containing or isolating cloud instances to prevent damage and spread.
• Incident Response Preparedness - Assess your level of preparedness to properly identify, preserve and analyze incident evidence.

Features: 

• Broad Coverage - Investigate hundreds of data sources across cloud-provider logs, disk, memory and more
• Parallel Processing - Process massive amounts of disparate data in minutes with Cado’s patent-pending technology
• Collaborative Investigations - Work together on a single or multiple investigations at once, from anywhere
• Ruthless Automation - Automatically surface key incident details including root cause, compromised roles and assets, a complete timeline of events and more
• Customizable Platform - Make the Cado platform your own with user-customizable rulesets and reporting