Skip to main content

AWS S3 Support and Uploading On-Premise Files

The Cado platform supports acquistion of data from AWS S3 buckets. The two main use cases for this are:

  • Analyzing disk images or zip files that have been uploaded to an S3 bucket as part of an investigation (e.g. as part of using Cado Community Edition)
  • Analyzing the contents of an S3 bucket for any uploaded content that could be part of an incident

Select or search for the bucket you require. Navigate and select the objects you need, and click the 'Import n objects' button. Confirm the details and click 'Start Import'.

Import S3 Bucket

Uploading On-Premise evidence to S3 for Import

You can use the AWS Console to upload data from your web browser if you have access to it.

Alternatively, you can create an AWS Access and Secret Key then use a Desktop GUI tool such as Cyberduck to easily upload files from your desktop, with support for functionality such as resuming failed uploads.

If you create an Access/Secret for uploading data to S3, we reccomend you scope the access by:

You can also use Cado Host with the --single_file_unzipped parameter - this may be a good option if you do not have direct access to Azure as Cado Response will generate the credentials at Import > Cado Host.

Data Flow Diagram

For a diagram of how our S3 acquisitions operate, please see our Knowledge Base.