Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

So, who am I?

Many are probably wondering who I am and if this is worth their own time. My hope is that it will be! To start, I won’t go into my background too much…if you want to know it you’ll probably be able to ask around to put the pieces together. Also, I’m not of the kind of person who thinks degrees and certs make the person. Do I have those? Yes, I do. We will leave it at that.

My first, and probably only, claim to fame within the community has been the GCFA gold paper I wrote: https://www.sans.org/reading-room/whitepapers/forensics/filesystem-timestamps-tick-36842. It was the first time I really branched out and it was very worth while. I would solicit everyone to do that deeper dive research to further the field. How did I come up with this? It really came to be that I just didn’t understand how timestamps would reflect if it was bouncing around a bunch of filesystems. And low and behold, the paper wrote itself. Seriously…I had this thing written before I even submitted the idea to GIAC for the gold paper. That was just how easy it was!

That is my urge to you on this Sunday…find something you’re passionate about and start researching it! After speaking with many of our peers over the last weekend, I am going back to that paper and revising it. Namely to make it cleaner and much more visual friendly. So be on the lookout!

Related Posts