Digital forensics is the process of identifying, preserving, analysing, and documenting digital evidence. It is an important part of the Incident Response process where criminal activity has (or is Forensic Investigators identify and record details of the criminal incident, gathering evidence to present in a court of law. In order for digital evidence to be accepted, it must be handled in a very specific way so that there is no opportunity for cyber criminals to tamper with the evidence. There are therefore strict rules and regulations surrounding this process, and adherence can be instrumental to being able to prove innocence or guilt.
Cyber3Sec’s Digital Forensic process has five key steps: