± Forensic Focus Partners
± Your Account
|New Today: 0||Overall: 33043|
|New Yesterday: 0||Visitors: 178|
± Latest Jobs
± Latest Articles
± Latest Webinars
InterviewsBack to top Back to main Skip to menu
It’s true that necessity is the mother of invention, which is how F-Response came into being. As a computer security & forensics firm we are asked to be both accurate and efficient. I have never had a client tell me to “image and analyze everything- I don’t care how long it takes or how much it costs.” No – our clients want us to provide them with the right answers; but they want us to attain these answers as quickly and efficiently as possible.
That presented us with a challenge. What do we need to do to conduct forensically sound analysis on a live machine so that we can minimize customer down time and collect only the evidence we need, when we need it? more ...
I’ve enjoyed over twelve years in recruitment, starting out in the city [London] specialising in IT within Investment Banking.
The area that really interested me was Information Security, and after a successful period in this sector, I further refined my focus into computer forensics. Then, in 2003, I decided to take the plunge and set up Appointments-UK.
My reasons were simple and remain the underlying vision for my company today: when contacting a recruiter you want them to demonstrate good market knowledge and a genuine understanding of the companies, personalities, trends, conditions and pressures that impact your sector. At Appointments-UK all our people offer this. more ...
Originally I started programming WinHex because I needed a hex editor and disk editor myself and at that time there was none for Windows 3.1. I used it for example to get Windows to read MIDI files that my synthesizer saved on floppy disks. Later I released WinHex as shareware, and people started using it for a variety of purposes (there are countless things you can do with a hex editor in very specific situations). I continued developing WinHex in my spare time while studying information systems. Eventually people in computer forensics used it when their main forensics package would not work, such as for manual data recovery if the file system was too heavily corrupted or because the amount of pictures present on a disk rendered their software too slow, or for specific tasks like extracting slack space, etc. more ...
After law school I practiced commercial litigation for about 8 years before joining Guidance Software in 1999. During my pre-1999 litigation days, when we conducted paper-based discovery or oversaw internal investigations for a client, I always wondered about the information on the workstations and email servers. Why wasn't there a good process to recover that data? Where was the law that governed all the various issues concerning computer-based evidence? It was a relatively uncharted area of the law that presented an exciting challenge. So when the opportunity to work with Guidance arose, it was an easy decision.
Broadly speaking, how knowledgeable is the legal profession with regard to computer forensics?
I think this is a very important question because we've seen a dramatic shift in the past two to three years. more ...
When I first got started in computer security, I quickly noticed the number of people who were Linux or Unix gurus. The next thing I noticed was that there was an inability (or lack of desire) to transition to the Windows world. What I find most appealing about investigating computer misuse is that a great deal of it occurs on Windows systems, which is the platform that I've focused on, almost since the beginning.
Computer crimes require a good deal of technical knowledge in order for the examiner to thoroughly investigate them. However, this is not all that is required. The examiner must also have the ability to communicate his findings to the client, who may not be as technically proficient. And there is more to the picture than simply locating an artifact or two during an examination. The investigator must be able to correlate multiple artifacts, as the information can move from convicting to exonerating the individual. more ...