technical: digital forensics
by Brent Kirkpatrick
(Date Published: 04/14/2017.)
The goal of doing "forensics" is to take a hacked computer, examine all the exploits on it, and discuss with statistical confidence, the mechanisms of the responsible exploit(s). Attribution, or who-done-it, is the responsibility of investigators and detectives, not computer experts.
Doing computer forensics is an art, similar to doing statistical consulting. In both cases, one is looking for a needle-in-a-haystack. Both require a magic touch or talent. Hackers try to hide their exploits, and sometimes they even clean up after themselves. So, capturing and analyzing an exploit is different every time.
defendIT. AI-driven security measures derived from security incident data.