Blog: SANS Digital Forensics and Incident Response Blog: Category - Certification and License

Blog: SANS Digital Forensics and Incident Response Blog:

Digital Forensics Case Leads: Free Tools, Fancy Toys, Snipers, Manipulated Photos, and no PI licenses required in VA

A variety of forensical tidbits this week, from new tools to a history of photo manipulation, and a relaxation of the PI requirement in VA. If you have an interesting item you think should be included in the Digital Forensics Case Leads posts, you can send it to caseleads@sans.org.

Tools:


  • Mandiant has released an update to their Highlighter tool to V1.1.2. You can read information about the update here.

  • Dell has extended their digital forensics line to include a mobile offering, consisting of a hardware/software bundle to enable faster evidence collection at incident locations. Check out the toys.


Good Reads:

Getting Started in Digital Forensics: Do You Have What It Takes?

Those of you who have been following our weekly Case Leads articles may have noticed that we've made several mentions of the new issue (#4) of Digital Forensics Magazine.SANS has developed a relationship with the good people over at DFM that we hope will prove beneficial to the Forensics and Incident Response community, and we're trying to highlight some of the interesting elements that have arisen from that relationship.

As of Issue 4, our own forensicator-in-chief, Rob Lee, has become a Contributing Author for Digital Forensics Magazine. I have been in contact with the publisher, Tony Campbell, who has generously given us permission to re-print Rob's first article here. So, in a fairly egregious form of hijacking, I am also using Rob's article as a launch pad for a series of posts I've begun writing under the series name "Getting Started in Digital Forensics." Thanks to both Rob and

...

Digital Forensics Recertification (Beyond the Cert)

It was that time again, GCFA recertification. This was going to be my third SANS GCFA recertification attempt. This year I had an option, exam or CMUs (Certification Maintenance Units). I had the CMUs necessary for submission. The problem was, I could apply them to my G7799 Certification or my GCFA certification. I chose the exam option for my GCFA.

I consider the exam and the provided materials an outstanding way to get the least expensive SANS course available. It is one of the real benefits to a certified SANS alum. Anyone who is certified and has used the materials would agree in the value. The newest materials, updated tools provided

...

Computer Forensic Examiners: PI Licensing Requirement Revisited

Do computer forensic examiners have to be licensed as private investigators? Well, that varies by state. Benjamin Wright has discussed the PI requirementhere and Texas PI legislationhere.Scott Moulton provided some insight to Michigan and the CISSP requirementhere. I do not plan to regurgitate their research or viewpoints, but rather continue the discussion and provide some additional information in regards to another

...

GIAC Adds GCFA to The List of ANSI/ISO/IEC 17024 Accredited Credentials


ANSI

BETHESDA, Md., Jan. 7 /PRNewswire/ -- The Global Information Assurance Certification (GIAC) program, a SANS Institute affiliate, announced today that the GIAC Certified Forensics Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA) and GIAC Certified Incident Handler (GCIH) have been accredited under the ANSI/ISO/IEC 17024 Personnel Certification program. GIAC is leading the way in the information security industry with five ANSI accredited