As some of you have noticed, the first few posts on TheDigitalStandard are centered around foundational principles of investigation. I did this intentionally because I believe wholeheartedly that without integrating these critical building blocks of investigative theory into your personal methodology, you will not - and I really mean this - WILL NOT be anything more than an average investigator.

I started with "Semper Gumby" where I wrote about being flexible and allowing the evidence to guide you rather than having your theories dictate what the evidence said. I followed up with "Trust" where I wrote about trusting your instincts, and never being satisfied with simply doing the minimum, but allowing yourself to be woken up at zero-dark-thirty to work on a case. I finished up with "The Alexiou Principle" in which I wrote about having clearly defined expectations, you establish an investigation plan, and you follow through with the plan by asking and answering quantifiable questions.

Now, I realize that this may sound rather harsh, so please let me assure you - I intended it to be. I assume that if you are taking the time to read this blog, you are trying to improve your forensic and incident response skills. It was not too long ago that I was where you most likely are now... interested, overwhelmed, inundated. Overwhelmed with tools, techniques, terms like MD5, non-repudiation, analysis, and file carving. Interested in this line of work... how to break into the field, where to begin, who to contact, who will give you a chance? Inundated with tools, EnCase, FTK, TSK, Helix, SMART, F-Response, and MFL (just to name a very few).

So you being where you are, I would also assume that you want to get better. There is TOO MUCH! AHHHHHHH!!! What does all of this look like? How do I use a regex to find credit card data? What is file carving anyway? How do you parse a registry? You want to HAVE these tools, and more importantly you want to know how to USE these tools! Let me assure you, you are correct - there is too much for any one person to know. Be very very wary of anyone who tells you the contrary. I don't care they've "been doing this for 20 years".