Sheldon, you're VP of Sales at BlackBag. Tell us about your role: what does a day in your life look like?
At BlackBag, I am responsible for the revenue of the entire company. I plan and work with several other team members on the go to market strategy. This includes figuring out exactly who are we selling to, what we can sell them to help meet their needs, where the customer is, and how are we going to approach the marketplace.A typical day involves working with current and prospective customers on solving their needs with our solutions. I speak to customers to understand how they are using our solutions and what they would like to see in future releases. Partners (resellers, consultants, and other software companies) play a major role in our strategy, so during the day I am usually talking to many of them.
Can you tell us about your background? Why did you decide to work in this field?
I have a degree in computer science and applied mathematics and have worked in the technology sector for over 30 years. I started out as a solution engineer at a company that offered cloud solutions and within a few years, I decided to go into sales. After spending a few years as a sales person, I went into sales management.
During the first half of my career, I was in the decision support/information analytics sector, then went into cybersecurity and digital forensics. I decided to make this switch since I really liked (and aligned with) what the cyber/digital forensics companies were focused on – capturing the bad guy! Waking up every day, I feel that I contribute to making the world we live in a safer place for all of us.
Talk us through some of BlackBag's products and their main features.
BlackBag has 3 main cornerstone products:
BlackLight provides comprehensive Windows, Android, iPhone/iPad, and Mac forensics analysis. It is cross-platform and can analyze common file system and application artifacts as well as structures that show activity on the system such as Time Machine backup files, virtual images and Windows Registry files.
Mobilyze offers mobile data acquisition, triage, and reporting for Android and iPhone/iPad devices. With Mobilyze, you can quickly acquire mobile devices in a forensically sound manner, which allows law enforcement professionals of all technical competencies to quickly see results and make informed decisions.
MacQuisition delivers live data acquisition, targeted file collection, and forensic imaging software for Mac OS X Acquire live data (including RAM) or forensically image over 185 Apple models. MacQuisition is the only forensic solution that runs within a native OS X boot environment, making it uniquely versatile and reliable. Investigators can use the source system to create a forensic image by booting directly from the MacQuisition USB key.
How do BlackBag's solutions compare with other popular forensic software packages? What are their main advantages? Which areas do you think could be improved upon to make them more competitive?
BlackBag are known as the Apple experts, but our customer base is finally starting to realize we are so much more than just Macs. Beyond Apple devices we support Windows and Android based devices – with built-in registry viewing, volume shadow support, and even lightning-fast Windows memory analysis. Our software is consistently praised for it how easy it is to use. Our interface guides the investigator to categorized areas that allow them to quickly locate items like multimedia, communications, and downloads information without costly training. We don’t think installing and maintaining your tool should take you away from your important case work, so we make sure installing and updating is as seamless as possible without managing any external applications for things like hashing or add-on optional functionality.
Finally, reporting: the key to closing a case is passing on the info needed in a timely and understandable way. We have folks move their results out of other products into BlackBag’s just for how easy and well formatted our tools make reporting.
In regard to challenges, we will always need to stay on top of new artifacts and our research team has been invaluable at keeping ahead of OS updates and changes to where the most valuable data is stored.
In your opinion, what are some of the biggest challenges facing digital forensic investigators today, and how do BlackBag's products help to address these?
Today, investigators are faced with performing analysis on evidence from multiple environments including Windows and Mac computers, smartphones and the cloud. In addition to this, the volume of the evidence has increased greatly in the past few years. With BlackLight, a user can do analysis on data from all of these environments through the same interface and able to handle the huge volumes of data and report on it easily.
Another challenge is the speed of acquisition, especially on a smartphone given how prevalent they are today. For those in the field, they don’t have the time to do a full acquisition, so with Mobilyze, they can quickly triage the phone within 30 minutes. This saves time, money and can get the evidence quickly.
Is there a typical BlackBag user?
Our typical user is someone that is trying to quickly and efficiently find the evidence to put a criminal in jail. This can be in government or the private sector. We have a large customer base in law enforcement and at all levels of government along with a growing corporate list.
Looking to the future, how do you think the world of digital forensics will change over the next few years?
The future of digital forensics will continue to evolve to include more platforms, including IoT devices. With the increase in platforms and volume, the speed to acquire and analyze will improve greatly. The use of more automation will assist the investigator greatly.
Finally, when you're not working, what do you enjoy doing in your spare time?
I have a large family that I enjoy spending time with, along with traveling and playing golf.