This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 6.8 of Cloud Forensics and Incident Investigation
Cloud-based malware sandbox architecture, static and dynamic analysis of container images and Lambda packages, YARA rules for cloud-specific malware, and GuardDuty Malware Protection.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
AWS GuardDuty Malware Protection
AWS GuardDuty Malware Protection for EBS volume scanning on suspicious findings.
YARA Rules Documentation
Official YARA pattern-matching language documentation for malware detection rules.
Trivy Container Vulnerability Scanner
Aqua Security Trivy documentation for container image, filesystem, and IaC scanning.
Cuckoo Sandbox Cloud Deployment
Cuckoo automated malware analysis sandbox documentation for cloud deployment.
Quadrant 4 · Self-Assessment
Cloud Forensics and Incident Response
Cloud forensics dimensions, EC2 preservation, LiME, legal admissibility, and forensic tools.
Cloud Security: Complete Assessment
Comprehensive 120-question assessment covering all six chapters of the Cloud Security eBook 2026.