Mobile devices…smartphone, tablets…are becoming more ubiquitous, and are becoming a primary means for consuming content.
From a DFIR perspective, what type of content would analysts be interested in? For example, the IACIS Quick Reference Guide from Lock and Code is available in the iTunes store…is this something that is useful to folks?
If so, what other types of content would be useful? Cheat sheets of commands, such as for log2timeline or the TSK tools?
How about short (6-10 pg) documents that explain one specific topic, such as an artifact or an analysis process?
Thanks.
I think the short tutorials would definitely be useful.
Your books are fantastic resources however having short excerpts on key areas (tracking user activity, or verifying mac times are questions i constantly get asked) would be very useful to have as a quick resource.
Even having a repository for all of the useful pdfs would be great (New research papers, SANS content). Forensicwiki is good but its still in its infancy.
I love "single sheet" flow charts like SANS and some other orgs put out. I can put it in my lab on the wall and can reference it if my mind goes hazy.
I love "single sheet" flow charts like SANS and some other orgs put out. I can put it in my lab on the wall and can reference it if my mind goes hazy.
definitely, that SANS sheet was fantastic, getting a few of them printed and laminated A1