Brad Garnett

DFIR: SANS SIFT 3.0 Released

SIFT (SANS Investigative Forensic Toolkit) 3.0 has been released. I plan on doing a series of blog posts to introduce readers to some of the powerful tools that make up the SIFT. The SIFT is free, open source, and consists of many tools that forensic examiners utilize in an exam. Thank you to friend and SANS Faculty Fellow Rob Lee (aka Giant Persistent Friend) for all of his work through the years on maintaining this for the DFIR community. 

If there is a certain functionality or tool in SIFT you would like to see featured, drop me a comment below.

Happy DFIR SIFT-ing!

 

Brad Garnett

Hello World

Would there be any other way to welcome you to my new site? So, where have I been? 2013 brought a lot of changes for me professionally and personally. 2014 is looking even brighter! I've always enjoyed blogging and I do plan on being active in 2014, especially since I now have prime real estate space. Please, if you read my blog, drop me a comment or two, as it'll help keep me motivated to deliver regular, fresh content! So, what can you expect here? Some news, commentary, and things I am working on in #DFIR. So who is my intended audience? Fellow colleagues (forensic examiners), clients, academia, and anyone wanting to know more about digital forensics. In the future, posts targeted to DFIR colleagues will be tagged as DFIR for your RSS feeds. Since transitioning from LE DFIR to private DFIR consulting, I continue to be a resource for people and businesses in making transactions via the World Wide Web, where forensic technology services can play a critical role in civil litigation, as well as key business and personal decisions. This blog and site will be a single repository and venue for me to share and hopefully further engage with colleagues and clients via a single medium. Now that I've got my first post out of the way... let's roll!

For those of you attending the 2014 SANS DFIR Summit, see you there! 
