KoreLogic Wins Digital Forensic Research Workshop Contest

Klayton Monroe and Jay Smith of KoreLogic Security were key members of the team announced as winners of the 2006 File Carving Challenge at the 6th Annual Digital Forensic Research Workshop (DFRWS). Challenge participants were asked to develop new tools and techniques to extract as many files as possible from a DFRWS-prepared data set while reducing the number of false positives. Data carving techniques are used during digital forensics investigations and existing file carving tools typically produce many false positives…The Challenge organizers, Brian Carrier, Eoghan Casey, and Wietse Venema, selected KoreLogic’s solution as the winning entry from numerous exciting submissions. “There were many strong entries in this year’s Challenge, which involved extracting files from an unstructured data set. KoreLogic’s approach used unique techniques to help recover files that were broken up into multiple pieces,” said Brian Carrier.

KoreLogic co-founder Klayton Monroe said, “It’s an honor to win the Challenge given the talent and expertise of the participants and organizers. We thank the DFRWS for the opportunity to participate and hope that our submission will help continue the advancement of file carving techniques.” The team’s original submission, tools, and other challenge-related details can be found at http://www.korelogic.com. The Workshop proceedings will be published by Elsevier in a special issue of Digital Investigation – The International Journal of Digital Forensics & Incident Response.

About KoreLogic:

Well known for its internally developed tools and methodologies, KoreLogic specializes in security assessments of mobile applications, software products, web applications, and IT infrastructure. KoreLogic also offers advanced “HardKore” training, incident response services, and intrusion analysis support. KoreLogic primarily serves the Fortune 1000 and provides applicable, risk-based security advice that is tailored to be readily understood by technical and management staff.

About the Annual Digital Forensic Research Workshop (DFRWS)


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

The DFRWS is a non-profit, collaborative group of researchers, industry, academics, law enforcement, and military/DOD staff who are interested in advancing the state of the art in digital forensics by sharing their results, knowledge, and experiences. An annual workshop is one focal point of this goal.

Leave a Comment

Latest Videos

Digital Forensics News Round-Up, February 21 2024 #digitalforensics #dfir

Forensic Focus 21st February 2024 6:19 pm

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. 

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director 
43:45 – Privacy of user data

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts.

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director
43:45 – Privacy of user data

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_ifoHVkjJtRc

How MSAB Is Managing The Digital Forensics Challenges Of Frontline Policing

Forensic Focus 21st February 2024 3:07 pm

Podcast Ep. 80 Recap: Empowering Law Enforcement With Nick Harvey From Cellebrite

Forensic Focus 20th February 2024 11:49 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles