|In 2012 I took the FOR408 class (Windows forensic analysis), which helped me a bit on the incident response side. What do you want to get into, though? Digital Forensics is useful for legal investigations and incident response. I usually associate EnCase and FTK with law enforcement and criminal investigations. Which area are you more interested in?||
Apr 16th 2015
3 years ago
I've been a web application and database developer for years, and have always inherited some of the network/platform security and management tasks. As I've dug into ways to harden my systems and some rudimentary IR, I've come to like that more than the development roles that I've been doing.
I am in the middle of the FOR408 class (taking my GCFE next month) and have my Security+. I am interested in the security, eDiscovery and forensics aspects, heading towards certs like GCIA, GCIH & GCFA.
Do you have suggestions for what steps to take to get more experience?
Jun 23rd 2015
2 years ago
Hoping an answer is still of interest to this thread, I would suggest to read this very interesting post from Scott J. Roberts "Introduction to DFIR"
He goes through the different area of digital forensics (memory, network, etc.), highlighting which are the skills required for each, pointing also to some useful resources. I think it is a very useful post, even more for those who are just getting into this great field.
Enjoy the reading.
Feb 20th 2016
2 years ago