How would you perform cloud-native incident response and forensics after a suspected breach at Asapp?