Source: INFOSEC Institute
At the moment you “hold in your hands” our latest edition of the eForensics Open series, with an insight into Database Forensics. We decided to focus on a topic that each and every one of us encounters on a daily basis and that we believe will be of interest to you and worth reading and learning more about. Our team tried to gather the most practical articles about the topic from our latest few issues to present Database Forensics.
In this issue we will focus on three sections: Metadata Analysis Tools and Techniques, eDiscovery and Database Administrator’s Guide to Security. Additionally, we decided to add a few articles from our series for beginners, Computer JumpStart Vol. 2, which covers different operating systems such as Windows, Linux and iOS, some open source tools, and tips and tricks, as it’s never too late for the basics.
We are sure you will be satisfied with both the specialist and the introductory articles prepared by our experienced experts.
The main aim of this issue is to show you how responsibly we treat you and to remind you why you chose to subscribe to our magazine. Of course, with a free account you have access to all the teasers, but we believe that you’d like to take further steps and fully enjoy our publications.
Check what you can find inside:
1. CORPORATE E-DISCOVERY SUCCESS STARTS WITH INFORMATION GOVERNANCE by Alice E. Burns
E-discovery is one of many critical components of information governance. A well-executed information governance program is the method successful organizations are starting to use to effectively address data growth and e-discovery concerns.
2. E-DISCOVERY AND E-DISCLOSURE: SAME DIFFERENCE?
AN OVERVIEW OF SIMILARITIES AND DIFFERENCES BETWEEN E-DISCOVERY AND E-DISCLOSURE by Jerome Raguin
In the United Kingdom (UK) the generally accepted term is E-Disclosure. In the US it is typically referred to as E-Discovery. Is it just a linguistic variation of the same discipline or do the two terms really reflect a difference in concepts or reality? Are they two sides of the same coin or do these two terms reflect substantial differences?
3. HOW TO TAKE CONTROL OF YOUR DATA by Benjamin Marks and Brent Stanley
Poor quality data might not be searchable but that must not diminish its relevance or the need to understand its content. Whereas predictive coding employs technology that relies upon the search ability of good quality text, what is your workflow for the boxes of paper and the unsearchable electronic files created from third generation scans?
5. NEARLY EVERYTHING IN YOUR CASE IS METADATA by Trent Struttman
There are many forensic tools to help an analyst find out what happened in a case. The most common are the most popular automated forensic tools: EnCase and FTK. Each program provides a wealth of tools for the examiner through both built-in and external scripts. EnCase provides the analyst many tools for metadata analysis within the Case Processor script and great support for third party scripts. FTK has great email and document file analysis tools.
6. DEMYSTIFYING METADATA by Mark Garnett
Metadata are those often quoted, but sometimes misunderstood, attributes of a file that can sometimes provide the sought after breakthrough in determining what happened when on a computer system with respect to particular documents. They are of paramount importance in those investigations involving the theft of intellectual property, electronic discovery, fraud and misconduct investigations and patent disputes.
7. EXTRACTING AND USING METADATA FOR A DIGITAL FORENSIC INVESTIGATION: A STEP-BY-STEP PROCESS by Marc Bleicher
Metadata can often contain that needle in the haystack you’re looking for during a forensics investigation; in fact it has helped me out in the past quite a few times. One particular case that stands out the most was an internal investigation I did for the company I was working for at the time. Most of the cases I dealt with in this role related to employee misconduct, which included wrongful use, inappropriate behavior, harassment, etc. In this situation, metadata was the key piece of evidence in the case of a lost smart phone.
8. FORENSICS COLLECTIONS TO E-DISCOVERY – USING TODAY’S TECHNOLOGY TO BRIDGE THE GAP by Rick Clark
Since the amended United States Federal Rules of Civil Procedure took effect in 2006 to incorporate electronically stored information as discoverable, technology in the legal space involves an interesting mix of forensics, e-discovery and review. There are now software companies that have done a great job in bridging the gap from forensic collections to data analysis and data/document review. Forensic departments are now able to offer a full suite of offerings that take the forensic image and present the data in a way that allows investigators to leverage analytics and find the most relevant data quickly.
9. ADDRESSING THE BIG DATA SECURITY by Sushil Pramanic
Data Security rules have changed in the age of Big Data. The V-Force (Volume, Veracity and Variety) has changed the landscape for data processing and storage in many organizations. Organizations are collecting, analyzing, and making decisions based on analysis of massive amounts of data sets from various sources: web logs, click stream data and social media content to gain better insights about their customers. Their business and security in this process is becoming increasingly more important. IBM estimates that 90 percent of the data that now exists has been created in the past two years.
10. INTRODUCTION TO ORACLE DATABASE SECURITY by Jay Munshi
The usual stereotype imagines a 16-year-old whiz sitting in a small dark corner of his parents’ basement, cracking into commercial systems just for the fun of it or to take the easy way to becoming a millionaire. That very stereotype is the least likely of the dangers databases face.
11. CAUSAL INFERENCE ENGINE: THE MISSING LINK IN BIG DATA ANALYTICS. AN INTERVIEW WITH DECISION-ZONE CEO RAJEEV BHARGAVA
The Smart Grid is beginning to open our eyes to a few things we were not aware of when adding intelligence to these massive critical infrastructures. As we add intelligence we are adding big data and we have to find ways to quickly, accurately and securely move this data while analyzing its input. Current analytic approaches are already becoming bogged down with the costs and even the inability to decipher what all this data means. Just moving this much data is also adding security risks to the control systems operating the grid infrastructure.
12. THE GOLDEN NUGGET by Paul Gwinnett
In writing an article about computer forensics for beginners I had to consider my ‘Hi Tech/e forensics’ introduction, which couldn’t really be classed as an ‘exact science’, more a case of various “digital journeys”, stepping into the unknown and seeking reassurance by way of experiments and ‘sound boarding’ with my old mentor. In this article, I have tried to be as candid and practical as possible in the hope that those in the early stages of their e-forensics career can have an insight into some of the issues I faced in my early years and how I dealt with them.
13. TWELVE OPEN-SOURCE LINUX FORENSIC TOOLS by Priscilla Lopez
There are several open-source Linux forensic tool suites and tools such as Kali Linux, DEFT, HELIX, Backtrack, CAINE, Knoppix STD, FCCU, The Penguin Sleuth Kit, ADIA, DFF, SMART, and SIFT. This article will give you a brief overview of the available tool suites. Afterwards, I will show you step-by-step how to install one of the tool suites and run a practice case sample.
14. A BEGINNER’S GUIDE TO FORENSIC IMAGING by Madeline Cheah
Are you starting on the road to a career in digital forensics? Or perhaps a student looking to get onto a course in this field? Maybe you just need a refresher after a little time away? This is a simple guide introducing you to one of the fundamentals of digital forensics, with a legislative narrative to set things in context.
15. THE INTERVIEW WITH TERRY TANG, FOUNDER OF WISECLEANER by Aby Raoa