Stroz Friedberg Promotes Seth Berman and Erin Nealy Cox

Stroz Friedberg has announced the promotions of Seth P. Berman and Erin Nealy Cox to the position of Executive Managing Director and their appointment to the firm’s Executive Management Group, which sets strategy and policy for the firm…”Our Executive Management Group is truly enhanced with the addition of these two dynamic industry leaders,” says Stroz Friedberg Co-President Eric Friedberg. “As our clients continue to turn to us with larger, more complex, and more global problems, we know that Seth and Erin will valuably assist us in scaling our infrastructure, solutions, and talent to meet our clients’ challenges.”

Mr. Berman and Ms. Nealy Cox have proven their ability to add value in this fashion. After the firm acquired London based Data Genetics International (“DGI”), the UK’s largest digital forensics firm, Mr. Berman oversaw the corporate integration process and now – with Julian Parker, the former CEO of DGI – leads Stroz Friedberg’s tremendous growth in the UK and on the European Continent. Although based in London, Mr. Berman also continues to provide stewardship to our Boston office, which he established in 2007. Mr. Berman is an expert in cybercrime investigations, data breach response, and cross-border data privacy. He lectures and publishes regularly in these areas. Prior to joining Stroz Friedberg, Mr. Berman served as a lead prosecutor in the U.S. Attorney’s Computer Crimes Unit for the District of Massachusetts.

Ms. Nealy Cox established the firm’s Dallas office in 2008 after leaving the Dallas U.S. Attorney’s Office, where she had coordinated and prosecuted complex cybercrime cases as the Office’s Computer Hacking and Intellectual Property Coordinator. Since then, she has quickly risen to be recognized as a prominent Dallas business woman, as most recently recognized by the Dallas Business Journal which identified her among the 2010 Women in Business. Ms. Nealy Cox has helped major corporate clients in Texas and beyond solve their most serious data breach, computer security, P.C.I., and electronic discovery problems. Her firm-wide contributions have included overseeing all of Stroz Friedberg’s marketing and public relations functions.

About Stroz Friedberg

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Stroz Friedberg is the leading global consulting firm for managing digital risk and uncovering digital evidence. The company specializes in digital and mobile device forensics, electronic discovery, data breach and cybercrime response, anti-money laundering, and cyber and traditional investigations. Working at the cutting edge of law, policy, and technology, the company provides technical assistance and strategic advice to help clients effectively manage electronic information: its sources, its trails, and its implications. Learn more about the firm at www.strozfriedberg.com.

Leave a Comment

Latest Videos

Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS

Forensic Focus 22nd June 2022 5:00 am

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run. 

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems. 

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run.

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems.

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_i0zd7HtluzY

A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems

Forensic Focus 21st June 2022 5:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...