Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Screencast Tool to Preserve Cyber Investigation Evidence

February 2, 2011

Ben Wright has an interesting post on the SANS blog about using a screencast tool to preserve cyber investigation evidence. The software he uses is BB Flashback. The neat part of his video showing the tool in use is that this is a great way to present the results of the investigation in court, having split screens showing both the investigator describing what he is doing while you can simultaneously watch his computer screen as he navigates the Internet.

Ben focuses more on the authentication of the investigation, which wasn't the part that interested me as much, though it is valuable. Still, the bar for authentication is very low (unless you're in Judge Grimm's court) in most places. Even though websites may change, investigators currently preserve the websites as they existed at the time of the investigation and get that evidence in without much problem. The compelling part is how easy it is to understand via the screenshots precisely what the investigator did. No matter how paitently an expert witness explains what he did, it is far easier to comprehend when you're watching it. Thought-provoking post Ben.

E-mail: Phone: 703-359-0700

www.senseient.com

http://twitter.com/sharonnelsonesq

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Screencast Tool to Preserve Cyber Investigation Evidence

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer