Triage and Digital Forensic Strategy
Presentation slides

Slides are available for Bruce Ramsay’s recent presentation on Triage

In the presentation Bruce explored:

  • How can triage be used most effectively?
  • How do triage techniques fit into the overall Digital Forensic Strategy?
  • When are triage techniques most appropriately used, and when are they inappropriate?
  • When should triage be used on-site, through a kiosk, and as a means of prioritisation in the lab?

Key Learning Points:

  • A digital forensics strategy without triage introduces backlog delay risk, which can be significant.
  • There is a need and place for triage in a digital forensics workflow.
  • Triage should not simply be a case of doing a ‘light’ exam on a restricted search space, although that has been best practice so far.
  • Cyan Forensics have created a new tool for Triage, based on best practice, and it’s available to trail with your data now.

With increasing numbers of digital devices submitted for evidence, good triage techniques offer the potential to sift rapidly and reduce the number of devices subjected to a full examination.

Used properly, triage can reduce risk and costs associated with investigations, as well as addressing shortages of digital forensics capacity. However, poorly conducted triage can miss important evidence and increase risks.

Please enter your details to receive a download link:

This site uses cookies to enhance your visit. By continuing to use the site you are agreeing to our Privacy Policy.