A Conversation about Transitioning to Incident Response
In working on AboutDFIR the last couple months, I’ve come to learn that while digital forensics and incident response share some basic foundational knowledge, they are widely different in practice. I’ve taken SANS FOR500: Windows Forensic Analysis and have been reading the recent articles about vulnerabilities, and have to say it’s been a series of eye-openers, especially coming from a law enforcement digital forensic background, as to how evidence and analysis can differ depending on…