
DFSP # 443 - Standard Actions
Every incident response outfit should have a set of guidelines for their team which outlines the standard actions or common considerations for security investigations. In this episode, I highlight som...
13 Elo 202438min

DFSP # 442 - Database Response
Understanding the different types of databases is important for security incident response investigations, as databases are often targeted by attackers seeking sensitive information. Each database typ...
6 Elo 202431min

DFSP # 441 - CIS Benchmarks
CIS (Center for Internet Security) Benchmarks provide a comprehensive set of best practices for securing IT systems and data, which are vital for security response investigations. These benchmarks, de...
30 Heinä 202426min

DFSP # 440 - ABCs of BECs
Business Email Compromise (BEC) forensics involves the meticulous investigation of cyberattacks where attackers infiltrate email systems to manipulate business communications for financial gain. These...
23 Heinä 202424min

DFSP # 439 - Remoting Windows
Remote Desktop Protocol (RDP) is a crucial artifact in digital forensics due to its extensive use for remote system access. Analyzing RDP activities can uncover vital information about unauthorized ac...
16 Heinä 202423min

DFSP # 438 - Old Nix
This week, I will be discussing the Linux operating system from a DFIR perspective. It is highly recommended for every examiner to become proficient in Linux, especially with the increasing prevalence...
9 Heinä 202432min

DFSP # 437 - Windows Autoruns
In Windows forensics, understanding the intricacies of autorun functionalities and the Windows Registry is essential for effective incident response and investigation. Autorun mechanisms, which allow ...
2 Heinä 202424min

DFSP # 436 - Ja-Who?
The JOHARI methodology simply provides a structure for something that you're probably already doing. However, with the structure comes a standard, which is the benefit to any security team. The team s...
25 Kesä 202422min














