If you conduct digital forensics for incident response internally, what DFIR tools are you using?

Threat Intelligence & Incident ResponseThreat & Vulnerability Management
3.8k viewscircle icon3 Comments
Sort by:
Chief Technology Officer in Media2 years ago

For internal digital forensics in incident response, widely used tools include EnCase, Sleuth Kit, and Autopsy. These tools facilitate thorough analysis of digital evidence, aiding in identifying, mitigating, and learning from security incidents.

CIO in Education2 years ago

I would say it mainly depends on your industry and the scale you need to apply it to. If you are mid-range why pay for a solution, no matter how advanced and robust it may be, while your threat levels are mid-low? In any case, my proposition would be BINALYZE AIR. So far, I have not faced any inconvenience with it.

Chief Information Security Officer in Finance (non-banking)2 years ago

Encase

Content you might like

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?

A CISO would be most effective if they reported directly into...?

Board9%

CEO42%

CIO39%

CTO6%

What CISO?1%

View Results

What are some of the main factors contributing to stress while working in cybersecurity?

Inadequate work-life balance32%

Lack of practicing self-care45%

Shortage of staff and resources55%

Keeping up with an influx of threats/alerts/incidents46%

Pressure from colleagues and management29%

Work culture that prevents open and honest conversations14%

Other – comment below

View Results

What tools/services do you use for CTEM (continuous threat exposure management)?

Read More Comments

How are you making sure the security team has visibility into social engineering attempts on helpdesk staff, especially with attacks using voice impersonation or other deepfake techniques?