Exporting Data | Cado Security

Exporting Data from Cado Response

Cado Response is designed to be an open platform to import and export data from.

Exporting Collected Disk Images and Raw Data to Forensic Tools

We collect:

AWS EC2 systems in DD format
Azure Virtual Machines in VHD format
GCP Instances in VMDK format
Cado Host Triage captures (and captures from Containers) in a Zip format In to storage (S3 in AWS, Storage in Azure).

These formats can be downloaded from the relevant cloud console and imported into desktop forensic tools such as:

https://www.magnetforensics.com/products/magnet-axiom/ (See also How to import from S3)
https://www.x-ways.net/forensics/
https://www.opentext.com/products/encase-forensic

Exporting Processed Data to SIEM Platforms

Please see SIEM Integrations >

Centrally Preserving Data

If you are deployed into AWS, you can enable all processed evidence to be copied and preserved in a central S3 bucket. This setting can be enabled at Settings > Preservation.

Preservation

Exporting Data from Cado Response​

Exporting Collected Disk Images and Raw Data to Forensic Tools​

Exporting Processed Data to SIEM Platforms​

Centrally Preserving Data​

Exporting Data from Cado Response

Exporting Collected Disk Images and Raw Data to Forensic Tools

Exporting Processed Data to SIEM Platforms

Centrally Preserving Data