Forensics and your Incident Response Playbook

By clicking "Register", you acknowledge that you have read BNP Media’s Privacy Policy, agree to its terms, and consent to allow BNP Media to use your information consistent with the Privacy Policy. You agree your information submitted will be shared with the sponsor(s) of the webinar. To read our Privacy Policy, please click here
Webinar On-Demand
Sponsored by Exterro
Presented by Justin Tolman

Learning Objectives:

  1. Review CISA's published playbook to establish a baseline since every company's incident response (IR) playbook is a little different.
  2. Examine the different areas that forensics can be placed in.
  3. Discuss the specific processes and solutions forensics offers to IR.
  4. Explain how forensic and IR solutions can be directly connected for faster response.


As an IACET Accredited Provider, BNP Media offers IACET CEUs for its learning events that comply with the ANSI/IACET Continuing Education and Training Standard.
Training may qualify for related continuing education for recertification activity through NICET. Students may claim one (1) Continuing Professional Development (CPD) point per hour of instruction towards their NICET recertification requirement for any sessions that expand their knowledge of the subject matter pertaining to the certifications they hold.
Participants completing this course may be eligible to receive Continuing Professional Education credit or CPEs toward ASIS re-certification.

For many companies, incident response (IR) might simply be the end of the process when there is a breach. The importance of a proper incident response plan cannot be understated. But what might often be overlooked is forensics' role in incident response and its importance in strengthening a company's response! This presentation will talk about the forensic technologies and processes that can be leveraged in incident response to make your company more secure in the future.


Photo courtesy of iStock/Getty Images Plus


Justin Tolman, is the Forensic Subject Matter Expert at Exterro. He was formerly the Director of Training for North America at AccessData prior to and after the acquisition by Exterro. Justin has been developing written and video programs and training AccessData clients worldwide for over 7 years. He also consults with clients on investigations and problems related to forensic issues and procedures. In his new role, Justin will be creating content related to forensic processes, technologies, and workflows, including those related to Forensic Toolkit (FTK). He will also interface with forensic professionals industry-wide to produce better tools and workflows that will help investigators be more successful in their work. Prior to working for AccessData, Justin worked as a Computer Forensic Specialist for the state of Ohio’s Bureau of Criminal Investigations. Justin has a Master’s Degree in Cyber Forensics from Purdue University and a Bachelor’s Degree in Computer Information Technology from Brigham Young University—Idaho.


Exterro Founded in 2008 based on the belief that e-discovery is a business process like any other, subject to measurement, management, and optimization, Exterro has grown organically and through acquisitions into the industry leader providing legal technology’s only comprehensive Legal GRC software platform. Today, our passionate, talented, and experienced leadership team leads our efforts to deliver industry-defining software and world-class service to our partners and clients. Gain control over organizational data and minimize the risks posed by litigation, privacy regulations, and cybersecurity threats with Exterro’s unified e-discovery, privacy compliance, and digital forensics software. Get a comprehensive view of exactly what happened and who was involved. With our award-winning, court-cited digital forensics expertise, Exterro gives you the industry’s best tools to help you analyze computers, mobile devices and network communications. When you know more, you can do more. No matter the type of forensic investigation, there’s an FTK Solution designed specifically for your investigative workflow – all with the industry’s fastest processing engine for repeatable, defensible, forensically-sound collection and analysis.


Originally published in April 2023