Just get back to me when ever you finish it, or if you have a product ready, for either purchase of for even Testing, since I'm a digital forensic examiner, I could be an Alpha tester for you if you ever need one.
I'm always on the look out for new software's and forensic capabilities that can make my daily task easier, so just PM me if anything. )
Sure I will get back to you and I really appreciate you offered your support. I would definitely need forensic professionals like you for testing and feedback.
No - and I'll tell you why.
Security vendors try very hard to provide an omni-solution but it is impossible to account for all needs of its prospective customer base.
What we have found in our large enterprise environment is that there is no single solution that works for everything it either comes with too much extra stuff we'll never use, or doesn't just have what we want and we cannot modify it.
If we have to rely on COTS, then at best we buy multiple tools to cover all of our needs (which is not a bad thing IMO).
However the real solution is this your Cyber Security needs to embrace in house code development. The developers are fully integrated in to your function and they are tasked with writing code/scripts/automatic processes that are tailored specifically to the your environment. We get what we want, we get what we need, and it works efficiently and can scale well because it has been designed with our specific environment in mind.
Now, when we actually have to do forensics we have a combination of in-house and COTS to meet our needs. There is unfortunately not a single solution, nor will there be as the landscape moves far too quickly.
No - and I'll tell you why.
Security vendors try very hard to provide an omni-solution but it is impossible to account for all needs of its prospective customer base.
What we have found in our large enterprise environment is that there is no single solution that works for everything it either comes with too much extra stuff we'll never use, or doesn't just have what we want and we cannot modify it.
If we have to rely on COTS, then at best we buy multiple tools to cover all of our needs (which is not a bad thing IMO).
However the real solution is this your Cyber Security needs to embrace in house code development. The developers are fully integrated in to your function and they are tasked with writing code/scripts/automatic processes that are tailored specifically to the your environment. We get what we want, we get what we need, and it works efficiently and can scale well because it has been designed with our specific environment in mind.
Now, when we actually have to do forensics we have a combination of in-house and COTS to meet our needs. There is unfortunately not a single solution, nor will there be as the landscape moves far too quickly.
Thanks for your detailed reply. I will take your words into account before making the decision.
Yeah…. I am not a fan of any product that claims to be an all singing all dancing tool "suite". I get the best results from having a variety of tools.
Simply because I have yet to find one that does everything I need it to do.
beware any tool that claims to have the "find evidence button"
Thanks very much!
Can you please let me know what are the things you have to use other tools for or in other words what you feel is missing in "all singing all dancing" suites? Because that's exactly what I am interested in… )