Showing posts with label digital forensics. Show all posts
Showing posts with label digital forensics. Show all posts

Border Wars: Incident Response vs. Forensic Investigation

Josh Beckett

In my day job, we often discuss security tools and the respective processes that generate the requirements that demand the use of such tools. Lately, we have been debating incident response tools and processes as contrasted with forensic investigation tools and processes.  Obviously, both have differing benefits that they bring to the general discipline of security.  They also have differing requirements in terms of the tool sets that they require to execute those processes.

To me, the boundaries between forensic investigation and incident response have always been rather clear.  Maybe slightly fuzzy at the exact interface between them, but not a huge gaping canyon of a zone of uncertainty.  However, lately, I'm starting to believe that out there in the rest of the community it may not be so clear.  I could be wrong...it wouldn't be the first time and I'm sure it won't be the last, especially if you ask some of my close friends.

Through the looking glass...blessing or burden?

Josh Beckett

Google Glass coming out has had some interesting implications to the world of security and forensics.  I thought the QR code vulnerability was certainly unique and akin to the drive-by RFID vulnerabilities that exist.  I'm sure we haven't seen the last of such issues.  Google, of course, says this was all part of their plan to really shake out the bugs and round the rough edges that they didn't foresee.  Is that claim more marketing than truth?  Meh, probably a little of each.  It's a nice idea, but I hardly think that even one thousand hacking oriented techies could even scratch the surface of possibilities for what this technology could potentially deliver, good and bad.  Some interesting use cases have already come about, but I think the best are still to come.