Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.

An average episode of this podcast runs 18m. So far, 317 episode(s) have been published. This podcast is released weekly.

Total length of all episodes: 4 days 4 hours 3 minutes


DFSP # 292 - Top Cloud Threats with Blumira

This week Nato Riley from Blumira pays a visit to talk about the top threats to cloud computing.



DFSP # 291 - Lateral MM Fast Triage 3

This week we continue with the Windows fast triage series and talk about lateral movement evidence that may be found in admin shares event records.  Four different types of logs are covered, each containing different information for triage purposes.



DFSP # 290 - Mac Training with SUMURI

This week SUMURI's Steve Whalen (a.k.a. 'MacBoy') and Dave Melvin talk about the latest in Mac training and certification. Learn the advantages of vendor-neutral training and how to prioritize it in your own training regimen.



DFSP # 289 - Framing Root Cause

As an analyst, it is important to identify root cause and link it back to security governance strategies. This is dealt with through root cause statements typically. What exactly should you be doing for a root cause statement? How important is it? If...



DFSP # 288 - Max DFIR Impact

Most of my episodes are about computer forensic artifacts and methods. Once in a while I like to cover non-technical topics, such as thoughts and recommendations about career development, subject matter expertise strategies, and impact exposure or...


 2021-08-24  12m

DFSP # 287 - CSA Cloud Threats 6

This week is a continuation of the threats to cloud computing miniseries. We are stepping through the top 11 threats to cloud computing as identified by the Cloud Security Alliance. When you are protecting cloud assets or investigating breaches of...


 2021-08-17  11m

DFSP # 286 - Lateral MM Fast Triage 2 [5145]

This week we continue with the Windows fast triage series. We are up to lateral movement and talking about admin shares. On topic this week is event 5145 which is a Windows log that records verbose information about network share objects and it is an...


 2021-08-10  15m

DFSP # 285 - Linux Malware Triage

This week I wanted to take a break from Windows forensics and talk about Linux malware triage. The Linux platform offers forensic analysts the opportunity to do a very decent job performing malware triage. What I mean by this is that you do not need...


 2021-08-03  20m

DFSP # 284 - Fast Triage case study: non-Windows core processes

This week we’re going to take a look at how standard triage methodology can detect advanced attack techniques. Even as a newer examiner, if you learn the standard triage methods that I have covered in the fast triage series, you will find the...


 2021-07-27  15m

DFSP # 283 - CSA Cloud Threats 5

This week we take another look at the top threats to cloud computing. On tap this week is account hijacking. All analysts working in the DFIR field today must be aware of threats to cloud computing in order to be effective in their roles.


 2021-07-20  10m