· Coming apart at the SIEMs …
· Mac Memory Forensics – WeChat Analysis in a live system
· DFRWS Europe 2014 Annual Conference – Recap
· Considering A Career in Audio-Video Forensics? Enhance Your Prospects With Continuing Education
· Forensics Europe Expo 2014 – Recap
· Windows Logon Password – Get Windows Logon Password using Wdigest in Memory Dump
· Windows Forensics and Security
· Samsung Galaxy Android 4.3 Jelly Bean acquisition using Joint Test Action Group (JTAG)
· Safer Internet Day
Read More (Magnet Forensics)
“When I started doing forensics, mobile devices meant flip-phones and texting,” said Josh Moulin, a contractor doing forensics work for a federal agency. The information you could expect to get from a phone was a contact list, some text messages and calendar entries.
“Today they are computers, and we are getting everything off of them that we would expect from a computer. You have a great picture of what a person is doing and is interested in...”
Read More (GCN)
The updated release offers extra visualization options. The updated map view now offers the ability to create routes based on marked geolocation points, and allows overlaying several routes for instant analysis. The social view is also updated, adding state-of-the-art visualization of group communications from many popular mobile applications.
As you are all aware, one item of data does not a case make; it is the combination and correlation between _all_ of the data that creates “evidence”. Here in the SIEM we are seeing the very thinnest separation between forensics and security: if we look at it today, it is security; if we look at it tomorrow, it’s forensics.
An SIEM (oft pronounced “seem” – although mostly I like to spell out my TLAs, ESS-AYE-EEE-EMM [with a few notable exceptions ... raid, scuzzy, wizzywig ... but I suspect that shows my age more than anything else!]) is a centralised system that collects information from other systems in the network. This information is typically – but not exclusively – collected from some, or all, of the normal logging of the system...