More posts

• 

  The Five Stages of the…

  The Five Stages of the DFIR Career Grief Cycle

  I have been a fan of Craig Ball ever since I met him in a forensic course years ago. I was so impressed with Craig,…

  Tuesday September 10

  by Brett Shavers

  29752 hits / 0 comments

• 

  Our World is Going to…

  Our World is Going to Turn Upside Down with DeepFakes

  The short story Any person and their voice, in practically any video (past, present, or future) can have their face and voice digitally replaced with…

  Sunday September 01

  by Brett Shavers

  2140 hits / 0 comments

• 

  If you are comfortable in…

  If you are comfortable in DFIR, you might be doing it wrong

  I took a 3-day basic forensic course and embarrassingly enough, the instructor (in front of the class), said that I probably know everything in the…

  Thursday August 29

  by Brett Shavers

  2550 hits / 0 comments

• 

  Everything I Needed to Know…

  Everything I Needed to Know about Working in DFIR, I Learned in Boot Camp

  You don’t need to experience military life to learn the valuable lessons that are drilled into military recruits.  In fact, you can probably enjoy the…

  Saturday August 17

  by Brett Shavers

  3120 hits / 0 comments

• 

  Personality of a computer

  Personality of a computer

  From a recent discussion that I had with Harlan Carvey about the registry, this topic is something that I touched on lightly in Placing the…

  Wednesday July 31

  by Brett Shavers

  2666 hits / 0 comments

• 

  Add a Dab of Balance…

  Add a Dab of Balance in your DFIR World

  Jessica Hyde ’ s post of Giving Back in DFIR from 2018 is a great write up on contributing to the DFIR community, and I…

  Monday June 24

  by Brett Shavers

  13547 hits / 0 comments

• 

  The Easy Way to Learn…

  The Easy Way to Learn DFIR

  Summary There is no easy way to learn DFIR . You can stop reading from here if you want. Longer version Ok. Since you are…

  Saturday June 08

  by Brett Shavers

  11885 hits / 0 comments

• 

  Game of Thrones, DFIR Style

  Game of Thrones, DFIR Style

  Short post and quick opinion. I came across some tweets today about how bad people are in the #infosec/#DFIR community and I dug a little…

  Thursday April 25

  by Brett Shavers

  26707 hits / 0 comments

• 

  Puking in DFIR

  Puking in DFIR

  Admittedly, the title of this post is intentionally gross, because I am going to heave a few things at you, mainly about puking. As in,…

  Wednesday April 17

  by Brett Shavers

  5094 hits / 0 comments

• 

  The #1 Reason that DFIR…

  The #1 Reason that DFIR practitioners don’t post opinions

    Lesley Carhart tweeted today that a journalist used one of her tweets in an article that would have been rephrased in a less playful…

  Tuesday April 09

  by Brett Shavers

  5299 hits / 0 comments

• 

  If USB flash drives were…

  If USB flash drives were shaped like spiders, we wouldn’t have these problems

  I hate USB drives. My first experiences with the darn things was when I was a young patrol officer and the entire police department was…

  Monday April 08

  by Brett Shavers

  1424 hits / 0 comments

• 

  Working in DFIR is glamorous,…

  Working in DFIR is glamorous, but mostly only to those not working in DFIR...

  Here is something about the DFIR career field: it is one of the most exciting, eventful, and jam-packed jobs that anyone can have. Running and…

  Friday April 05

  by Brett Shavers

  2850 hits / 0 comments

• 

  Overcommitted in DFIR

  Overcommitted in DFIR

  I have seen people be overcommitted, realize that they are overcommitted, yet continue forward in the most serious of situations. By overcommitted, I do not…

  Friday March 22

  by Brett Shavers

  15444 hits / 0 comments

• 

  'You're guilty unless you can…

  'You're guilty unless you can prove it'

  Swift on Security tweeted a great article. The article is not great as a well-written piece or containing earth shattering news piece, but more that…

  Saturday March 09

  by Brett Shavers

  18786 hits / 0 comments

• 

  “I've answered questions, responded to…

  “I've answered questions, responded to emails, and been on phone calls...when asked.” – Harlan Carvey

  I feel obligated to respond to one of Harlan Carvey’s points in his recent blog post, Book Writing Misconceptions ( https://windowsir.blogspot.com/2019/03/book-writing-misconceptions.html ).  I agree with…

  Tuesday March 05

  by Brett Shavers

  2811 hits / 0 comments

• 

  All you need is a…

  All you need is a tiny spark to solve your case.

  During a recent workshop, one person in the class kept asking me for the magic bullet to work his case. By that, I mean that he…

  Saturday March 02

  by Brett Shavers

  2480 hits / 0 comments

• 

  Some CONS are good. Some…

  Some CONS are good. Some cons are bad.

  The bad cons are the criminals that victimize you. The good CONS are the conferences that you were glad to attend.  CTIN is one of…

  Thursday February 14

  by Brett Shavers

  7808 hits / 0 comments

• 

  This is how I know…

  This is how I know someone will make it in DFIR (or in anything)

  The #1 factor is not giving up . The #2 factor is talent . Actually, scratch #2. You can make it without talent if you…

  Wednesday January 09

  by Brett Shavers

  18543 hits / 0 comments

• 

  5 tips in how not…

  5 tips in how not to be outdone, outmaneuvered, or just outright embarrassed in DFIR.

  Short version:

  1. Bring your A Game
  2. Don’t hold back
  3. Be prepared
  4. Know what you claim to know
  5. Fight complacency&... Tuesday January 01 by Brett Shavers 7865 hits / 2 comments Only race cars should burnout. Only race cars should burnout. This week, @taosecurity ( Richard Bejtlich ) wrote an important blog post on managing burnout ( Managing Burnout ). As he mentions in the first… Sunday December 23 by Brett Shavers 24376 hits / 0 comments {source}