Forensic Workflows and Incident Response Playbooks
Learning Objectives:
- Determine where forensics will fit in an incident response playbook.
- Describe how the NIST Cybersecurity Framework applies to forensics.
- Identify what information to collect in an incident.
- Distinguish what data types will supply the most information efficiently.
Credits:
Training may qualify for related continuing education for recertification activity through NICET. Students may claim one (1) Continuing Professional Development (CPD) point per hour of instruction towards their NICET recertification requirement for any sessions that expand their knowledge of the subject matter pertaining to the certifications they hold.
Participants completing this course may be eligible to receive Continuing Professional Education credit or CPEs toward ASIS re-certification.
This presentation will focus on where to apply forensic investigations to your incident response plan utilizing resources from CISA and NIST. Forensic collection, preservation, and analysis may be important and sometimes required when addressing a breach.
Justin Tolman has been working in digital forensics for 12 years. He has a bachelor’s degree in Computer Information Technology from BYU-Idaho and a master’s degree in Cyber Forensics from Purdue University. After graduating, he worked as a Computer Forensic Specialist with the Ohio Bureau of Criminal Investigation. He joined AccessData in 2015 as a senior instructor, where he trained digital forensic professionals worldwide in forensic tools, concepts, and workflows. He was later promoted to Director of Training over North America. Justin has written training manuals on computer and mobile device forensics, as well as (his personal favorite) SQLite database analysis. Justin currently works as the Forensic Subject Matter Expert and Evangelist at Exterro following the purchase of AccessData by Exterro. He frequently presents at conferences and on webinars, hosts a podcast, and produces YouTube content related to digital forensics and Forensic Toolkit.