SANS Digital Forensics and Incident Response Blog: Category - Book Reviews

Case Leads: DFIR Lessons from Sandy; The Advanced Persistent Intruder; The Secure Breach; Windows8 Forensics; South Carolina Tax Info Protected by "TWO FIREWALLS"

The general public is getting a lesson in incident response with the post Hurricane Sandy storm damage in the Northeastern part of the United States. Your case leads blogger is working on incident responses related to the storm. Many non-technical professionals have had a chance to witness the challenges of DFIR. And some are starting … Continue reading Case Leads: DFIR Lessons from Sandy; The Advanced Persistent Intruder; The Secure Breach; Windows8 Forensics; South Carolina Tax Info Protected by "TWO FIREWALLS"


Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011

This week's edition of Case Leads features a new version of REMnux for malware analysis and we have two tools for collecting forensic images from iPhone and Android devices. We also have a couple of articles on Android memory analysis and the use of Open Source digital forensics tools to validate commercial tools. As always, … Continue reading Digital Forensics Case Leads: New version of REMnux, tools for imaging iPhone and Android devices, and a list of "Best Reads" from 2011


Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?

The Paraben Forensics Innovator's Conference was held last week in Park City, Utah. Your SANS Digital Forensic blogger attended the event, along with over 300 fellow, forensicators and lawyers. With information security events like BlackHat, and DefCon drawing thousands, this is yet another small event that has many advantages over the larger conferences. At these … Continue reading Digital Forensics Case Leads: PFIC 2011 Report, DNS forensics, Massive Flaws in Amazon EC2?


Digital Forensics Case Leads: Massive eDisco Penalty, Dodd-Frank Law and Digital Forensics, It's Not Business, It's Personal

Legal, regulatory matters, and threats to Law Enforcement and members of the US armed forces top this edition of Digital Case Leads. An appeals court uphold a massive penalty against a company for not properly retaining electronically stored information (ESI). If the offending party doesn't cough up over $1,000,000 in penalties, a senior exec from … Continue reading Digital Forensics Case Leads: Massive eDisco Penalty, Dodd-Frank Law and Digital Forensics, It's Not Business, It's Personal


Book Review: Digital Forensics with Open Source Tools

I was excited awhile back to learn Digital Forensics with Open Source Tools was being written and even more pleased when I heard who its authors were. I worked almost exclusively with open source tools while beginning my foray into the digital forensics world and happily continue using them today, so I knew this book … Continue reading Book Review: Digital Forensics with Open Source Tools