SANS Digital Forensics and Incident Response Blog: Category - Computer Forensics

Digital Forensic SIFTing: Colorized Super Timeline Template for Log2timeline Output Files

Last month at the SANS360, I promised the release of the Timeline Template to be used to automatically colorize your timelines. Review on Timeline Creation: 1. Mounting Evidence Files 2. Automated Timeline Creation 3. Targeted Timeline Creation. TIMELINE CREATION CHEAT SHEET. The Timeline Color Template in EXCEL 2007+: The EXCEL TEMPLATE can be downloaded here. TIMELINE_COLOR_TEMPLATE MD5 …


Digital Forensic SIFTing - Targeted Timeline Creation and Analysis using log2timeline

Digital Forensic SIFTing is a series of blog articles that utilize the SIFT Workstation. The free SIFT Workstation, which can match any modern forensic tool suite, is also directly featured and taught in SANS' Advanced Computer Forensic Analysis and Incident Response course (FOR 508). SIFT demonstrates that advanced investigations and responding to intrusions can be accomplished …


Digital Forensics Case Leads: ReFS, Ex01, and DFIROnline

This week's cornucopia of forensic goodness so thoroughly defies summary that I nearly gave up writing an introduction. But a few things do merit particular emphasis. First, the second DFIROnline meetup takes place tonight at 20:00 EST. Luminaries Harlan Carvey and Eric Huber will be presenting. Before then, however, you may want to take some time …


Thoughts on Malware, Digital Forensics and Data Breaches by Hal Pomeranz

Hal Pomeranz shares his insights on malicious software in the context of data breaches, incident response and digital forensics. Hal's expertise spans several areas of information security, and most recently has focused on forensics. He teaches several courses at SANS Institute, including Reverse-Engineering Malware.


The Color of a Forensicator's Parachute: Professional Development and Retainment

Next week is DoD Cybercrime and I put in to lead a panel that I feel is often overlooked by many in the community: proper professional development of our DFIR staff. As a result, I submitted a talk to lead a panel discussion and as a result, on Thursday, 26 January I am leading a …