Employee Turnover And Computer Forensic Analysis Best Practices

by Larry Lieb

Organizations historically have struggled with addressing terminated employees’ important evidence sources such as company-issued laptops, oftentimes materially affecting the organization’s ability to deal effectively with disputes that arise after an employee leaves the company.

This article will … Read more

Windows Registry Analysis 101

by Chirath De Alwis

Computer forensics is the process of methodically examining computer media (hard disks, diskettes, tapes, etc.) for evidence [1].  When considering computer forensics, registry forensics plays a huge role because of the amount of the data that Read more

Evidence Acquisition Using Accessdata FTK Imager

by Chirath De Alwis

Forensic Toolkit or FTK is a computer forensics software product made by AccessData. This is a Windows based commercial product. For forensic investigations, the same development team has created a free version of the commercial product … Read more

Encrypt it, but Don’t Trust It

This is not about acquisition tools, but about understanding why we need to test our tools even if the tool was just updated.  The latest and greatest tool without testing can be a risk factor just like the old and … Read more