±Forensic Focus Partners

Become an advertising partner

±Your Account


Forgotten password/username?

Site Members:

New Today: 1 Overall: 34081
New Yesterday: 3 Visitors: 73

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Looking to study tools that PwC and similar big firms use

Computer forensics training and education issues. If you are looking for topic suggestions for your project, thesis or dissertation please post here rather than the general discussion forum.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page Previous  1, 2 

Re: Looking to study tools that PwC and similar big firms us

Post Posted: Fri Jan 25, 2013 9:14 pm

Just wanted to add to the other helpful posts -

A) I'm guessing on your BSc you had some exposure to forensic tools such as EnCase. FTK, Xways maybe? As you know these are probably industry standards for forensics, but someone like PwC (whoever they are!!) will undoubtedly be using e-Discovery tools as well as others, so a bit of research about those might come in handy, e-Discovery isn't my area so I wouldn't know a top 5 tools for it.

You could think of it another way for an interview process, maybe your top 5 tools are things like your approach, your mindset, ability to think outside the box, flexibility etc etc etc, all personal traits that combined with knowledge of the software tools give you the edge over someone else.

B) Don't know - but if you're going to be going out into corporate environments you are likely to encounter all sorts. Knowledge of file systems may be better than knowledge of operating systems. There's plenty of information out there about file systems and artifacts, Google is your friend.

C) None, if you're looking short term. Google, people's blogs, the blogs they read, and the links from the blogs will give you a flavour of what's current. I've got loads of books that I never look at or refer to, and, no disrespect to any authors out there, things move so quickly that six months after the author wrote it, it might be out of date. That's not to say there aren't good books out there though, can't remember the names of anyone who wrote one, if only the author's mentioned them every so often.

D) Find out from the people you know in that company what they're all about, try and get a contact in the area you want to work in and approach them. Get on the internet and read current information about that company and the area you want to work in.

E) Yes, why not. There's plenty of people who are always encouraging others to contribute to the forensics community, I'm surprised they haven't jumped up to encourage you, perhaps they only got to the first bit of your post that annoyed them. Ok, so I don't blog, my preference, but if you like writing and want to post your thoughts, why not? People have a choice as to whether to read or not, you never know, you might find something that someone else didn't know. They also have a choice as to whether to comment or not, some just comment for the sake of it, not because it's useful. Don't be discouraged by those that pick fault at minutiae.

I hope you get back and find something

Oh, and I'm with Paul!!  

Senior Member

Re: Looking to study tools that PwC and similar big firms us

Post Posted: Fri Jan 25, 2013 9:49 pm

Perhaps Iain may wish to consider the following to assist his investigation:


Law Firms

Investment Banks
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 

Senior Member

Re: Looking to study tools that PwC and similar big firms us

Post Posted: Fri Jan 25, 2013 11:21 pm

A mate of mine works at pwc.
There was a big push in the last couple of years to rebrand the company from "price Waterhouse coopers" to pwc. It now says pwc on everything from their building (which formerly had price Waterhouse coopers blazaned on the top" to their letterheads and business cards.

I think that using the acronym in that instance was actually in the correct context, much like it would be saying kpmg.

Jaclaz was just trolling.  

Senior Member

Re: Looking to study tools that PwC and similar big firms us

Post Posted: Sat Jan 26, 2013 2:03 am

A good place to start is taking a look at the company's job postings. They may not be the most descriptive but there is enough information to give you a few areas to look into. For example, check out these jobs


One listing is for a CyberCrime Senior Associate and the job description says: malware forensics, network forensics, and memory analysis. The requirement section mentions the following tools: encase, FTK, helix, Paraben, and live memory collection. I won't repeat the entire listing but there are some other tidbits in there as well.

If it were me, I would look closely at those postings and then start learning the processes & methodologies they are looking for.

Corey Harrell
"Journey Into Incident Response"


Re: Looking to study tools that PwC and similar big firms us

Post Posted: Sat Jan 26, 2013 2:30 pm

A) What 5 tools would you say are essential for an investigator at PwC?

Law book, paper, pen, calculator and excel

B) Are Linux and Mac forensics a big focus in there firm?

No clue, you have to ask them. As someone pointed out, check the job ads, its a great way of getting an inside view of an organisation.

C) What 3 books could you recommend reading to bring me up to speed with the industry?

None. Go to SANS and take the forensics courses there.

D) Can you recommend anything else I should do to aid my job chances and increase my knowledge?

Stop focusing on one corporation.

E) I enjoy writing, should I start a personal forensics blog? Post test scenarios I completed, how I completed them etc.

When you have something to contribute to the community, perhaps.  

Senior Member

Page 2 of 2
Go to page Previous  1, 2