Discover the definition of the term Forensique presented by Les Assises de la Cybersécurité.

FORENSIQUE

Forensics covers the collection and analysis of computer traces available within a system in order to identify the actions of an attacker or the abuse of a user. Forensic analysis helps to answer questions such as: How did the attacker get in? What vulnerabilities did they exploit? What tools did they use? What are their characteristics? Has any data been exfiltrated? Which data? This analysis is based on both the traces recorded by the systems (event logs) and remanence (memory content that has not yet been purged, snippets of deleted files still accessible in the hard disk structure, etc.).

The forensic expert is generally seen as a persevering and meticulous monk. But unlike the monk, the cyber-forensics community produces neither cheese nor beer.

X
Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.
Confirm