technical: digital forensics
by Brent Kirkpatrick
(Date Published: 04/14/2017.)
The goal of doing "forensics" is to take a hacked computer, examine all the exploits on it, and discuss with statistical confidence, the mechanisms of the responsible exploit(s). Attribution, or who-done-it, is the responsibility of investigators and detectives, not computer experts.
Doing computer forensics is an art, similar to doing statistical consulting. In both cases, one is looking for a needle-in-a-haystack. Both require a magic touch or talent. Hackers try to hide their exploits, and sometimes they even clean up after themselves. So, capturing and analyzing an exploit is different every time.
defendIT (TM). AI-driven security measures derived from security incident data.