A variety of forensical tidbits this week, from new tools to a history of photo manipulation, and a relaxation of the PI requirement in VA. If you have an interesting item you think should be included in the Digital Forensics Case Leads posts, you can send it to firstname.lastname@example.org.
- Mandiant has released an update to their Highlighter tool to V1.1.2. You can read information about the update here.
- Dell has extended their digital forensics line to include a mobile offering, consisting of a hardware/software bundle to enable faster evidence collection at incident locations. Check out the toys.
Those of you who have been following our weekly Case Leads articles may have noticed that we've made several mentions of the new issue (#4) of Digital Forensics Magazine.SANS has developed a relationship with the good people over at DFM that we hope will prove beneficial to the Forensics and Incident Response community, and we're trying to highlight some of the interesting elements that have arisen from that relationship.
As of Issue 4, our own forensicator-in-chief, Rob Lee, has become a Contributing Author for Digital Forensics Magazine. I have been in contact with the publisher, Tony Campbell, who has generously given us permission to re-print Rob's first article here. So, in a fairly egregious form of hijacking, I am also using Rob's article as a launch pad for a series of posts I've begun writing under the series name "Getting Started in Digital Forensics." Thanks to both Rob and
It was that time again, GCFA recertification. This was going to be my third SANS GCFA recertification attempt. This year I had an option, exam or CMUs (Certification Maintenance Units). I had the CMUs necessary for submission. The problem was, I could apply them to my G7799 Certification or my GCFA certification. I chose the exam option for my GCFA.
I consider the exam and the provided materials an outstanding way to get the least expensive SANS course available. It is one of the real benefits to a certified SANS alum. Anyone who is certified and has used the materials would agree in the value. The newest materials, updated tools provided
Do computer forensic examiners have to be licensed as private investigators? Well, that varies by state. Benjamin Wright has discussed the PI requirementhere and Texas PI legislationhere.Scott Moulton provided some insight to Michigan and the CISSP requirementhere. I do not plan to regurgitate their research or viewpoints, but rather continue the discussion and provide some additional information in regards to another