Digital forensics has been forced to change. In the past, when someone was suspected of a crime or behavior that was in violation of corporate policy, the typical process would be to seize the hard drive after hours, take a bit stream image, analyze the drive and compile a report. Of course this is becoming an increasingly difficult task. More and more companies now have a global presence with offices spread around the world. What’s more, these distributed networks have thousands, if not tens of thousands of PCs attached to them. Thus the new trend in digital forensics is to to use the corporate network to immediately respond to incidents…
Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS
A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems
Enterprise Forensics: Traditions vs Reality in Modern DFIR
Important: No API Key Entered.
Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.