ediscovery Archives - Forensic Focus

Rob Fried, Senior Vice President, Forensics & Investigations, Sandline Global

5th August 2021

Let’s start with a little bit about you. What first brought you to digital forensics?

While a student at the University of New Haven (UNH), majoring in Forensic Science, I enrolled in courses related to computer forensic investigation and information … Read more

What Changes Do We Need To See In eDiscovery? Part IX

29th March 2021

This is the third part of “How to deal with Structured Data”. In case you missed it, the previous part is here.

Picking up from where we left off…

Step 3

Now that we have our formatted text files, … Read more

What Changes Do We Need To See In eDiscovery? Part VIII

30th March 202123rd March 2021

This is the second part of “How to Deal with Structured Data.” In case you missed it, the previous part is here.

Before I move onto transforming proprietary databases, let me add this point to packaged application data which … Read more

What Changes Do We Need To See In eDiscovery? Part VII

30th March 202122nd February 2021

Harold Burt-Gerrans talks about how to deal with structured data in ediscovery cases.

I’m baaaaa–ack! And you thought I was done with my earlier six-part series, but I have a new topic to
add to my rants and raves. For … Read more

What Changes Do We Need To See In eDiscovery? Part VI

30th March 202113th November 2019

by Harold Burt-Gerrans

Welcome to Part 6, the last in this series. In case you’re joining late, the previous parts are available as follows:

What Changes Do We Need To See In eDiscovery? Part V

30th March 20215th November 2019

by Harold Burt-Gerrans

Welcome to Part 5. As promised in Part 4, I’ll start by discussing recursive de-duplication.

Recursive De-Duplication: Using Aliases Within De-Duplication

I can’t count the number of times that clients have complained about x.400/x.500 addresses in … Read more

What Changes Do We Need To See In eDiscovery? Part II

30th March 202114th October 2019

by Harold Burt-Gerrans

Let’s continue from where we left off last time, discussing standardization. If you missed it, Part 1 was all about establishing standards. Now a bit about following standards. This will sound funny to those who know what … Read more

What Changes Do We Need To See In eDiscovery? Part I

30th March 20217th October 2019

by Harold Burt-Gerrans

I’m approaching this multi-part article from a software development point of view, as I believe many of the following issues have been brought about by the evolution of eDiscovery software following the procedures used by handling boxes … Read more

Techno Security & Digital Forensics 2019 – San Diego March 11-13

19th May 202010th December 2018

From the 11th to the 13th of March 2019, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in San Diego, CA, USA. If there are any topics you’d particularly like us to cover, or any speakers … Read more

ICDF2C 2018 – Recap

19th May 20209th October 2018

This article is a recap of some of the main highlights from the ICDF2C conference 2018, which took place in New Orleans, LA, USA from the 10th-12th September.

The program began on Monday 10th September with the usual welcome registration. … Read more

Opinion: Is ISO17025 The Right Standard For Digital Forensics?

12th May 20203rd October 2018

by Rich2005

Standardisation is currently the subject of animated discussion among digital forensic examiners worldwide. In this opinion piece, Rich2005 looks at the challenges of the ISO17025 standard for digital forensics and why it might not be the best choice … Read more

Word Forensic Analysis And Compound File Binary Format

12th May 202018th September 2018

by Arman Gungor

Microsoft Word forensic analysis is something digital forensic investigators do quite often for document authentication. Because of the great popularity of Microsoft Office, many important business documents such as contracts and memoranda are created using Word. When … Read more

Searching And Filtering Emails When Forensically Collecting Mailboxes

12th May 202011th May 2018

Hand-drawn contacts and emails sketch with depth of field focus

by Arman Gungor

When mailboxes are forensically preserved for eDiscovery or digital forensic investigations, their contents are almost always searched and filtered. Filtering emails helps overcome time, scope and cost constraints and alleviates privacy concerns.

There are two main ways … Read more

New Federal Rule of Evidence to Directly Impact Computer Forensics and eDiscovery Preservation Best Practices

12th May 202019th December 2016

by John Patzakis, X1

A key amendment to US Federal Rule of Evidence 902, in the form of new subsection (14), will go into effect on December 1, 2017. This amendment will significantly impact eDiscovery and computer forensics software and … Read more

Forensic Implications of iOS Lockdown (Pairing) Records

12th May 202014th November 2016

by ElcomSoft

In recent versions of iOS, successful acquisition of a locked device is no longer a given. Multiple protection layers and Apple’s new policy on handling government requests make forensic experts look elsewhere when investigating Apple smartphones.

In this … Read more

InSig2 LawTech 2016 – Brussels 7th – 8th November

19th May 202026th September 2016

From the 7th – 8th of November 2016, Forensic Focus will be attending InSig2’s Law Tech Europe conference in Brussels, Belgium. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, … Read more