More results...
βTo competently perform rectifying security service, two critical incident response elements are necessary: information and organization.β ~ Robert E. Davis
I’ve been presenting DFIR Redefined: Deeper Functionality for Investigators with R across…
As we celebrate Independence Day, I’m reminded that we honor what was, of course, an armed conflict. Today’s realities, when we think about conflict, are quite different than the days of lining troops up across the field from each other, loading musk…
As you weigh how best to improve your organization’s digital forensics and incident response (DFIR) capabilities heading into 2017, consider Matt Swann’s Incident Response Hierarchy of Needs. Likely, at some point in your career (or therapy π) you’ve h…
I just spent a fair bit of time preparing to take the GIAC Security Expert exam as part of the requirement to recertify every four years. I first took the exam in 2012, and I will tell you, for me, one third of the curriculum is a “use it or lose it” s…
Andrew Case (@attrc) called out Will Ballenthin’s (@williballenthin) Python-evtx on Twitter, reminding me that I’m long overdue in mentioning it here as well.
Will’s Python-evtx description from his website for same follows:
“python-evtx is a pure Py…