SANS Digital Forensics and Incident Response Blog: Category - Reporting

DFIR Summit 2016 - Call for Papers Now Open

The 9th annual Digital Forensics and Incident Response Summit will once again be held in the live musical capital of the world, Austin, Texas. The Summit brings together DFIR practitioners who share their experiences, case studies and stories from the field. Summit attendees will explore real-world applications of technologies and solutions from all aspects of … Continue reading DFIR Summit 2016 - Call for Papers Now Open


SANS Survey of Digital Forensics and Incident Response #DFIR

More than 450 participants completed the SANS 2013 Digital Forensics Survey, conducted online during April and May 2013. A primary goal of this survey was to identify the nontraditional areas where digital forensics techniques are used. The survey can be downloadedHERE. A webcast introducing the Survey earlier this month can be found here: https://www.sans.org/webcasts/digital-forensics-modern-times-survey-96645 The … Continue reading SANS Survey of Digital Forensics and Incident Response #DFIR


Report Writing for Digital Forensics: Part II

This blog post is a second edition and follow-up toIntro to Report Writing for Digital Forensics., which you've taken the time to review, digest, and dissect. How the digital forensic practitioner presents digital evidence to his/her intended audience (Regardless, of why we are preparing a digital forensic report), establishes proficiency of the digital forensic examination. Let's take it even a step further, how will you present your findings? Effectively reporting what you found during your forensic examination will aid you in presenting your report and the digital evidence to whomever your intended audience will be, which ultimately may be a jury in a criminal or civil proceeding. In this blog post, we are going to tackle some more report writing issues. Remember, YMMV depending on what hat you wear in digital forensics

...


Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned

This week's Digital Forensic Case Leads is chock full of forensics nuggets. Links to great forensics tools for encryption detection and memory extraction, plus a how-to for breaking/auditing the OS X Keychain. You will also find an analysis of the Samsung v. Apple patent case from a digital forensics perspective, with IP Attorney Ben Langlotz. … Continue reading Digital Forensic Case Leads: Anon Strikes Again, and Again. Groupon Litigation Threats. DarkMarket Motivations Revealed. The Tutu Has Been Donned


Digital Forensics Case Leads: Your Password Is Out There, again...

Data breaches at LinkedIn, eHarmony, and Last.fm exposed millions of account passwords, and probably other data that the attackers haven't made public. also a wealth of interesting new and updated tools. Among these are HexDive, SquirrelGripper, ShadowKit, and a Report Writing cheat sheet from Girl,Unallocated. Also worthy of particular note is Corey Harrell's Compromise Root Cause Analysis Model Continue reading Digital Forensics Case Leads: Your Password Is Out There, again...