Digital Forensics

Since 2004 I have been involved in conducting digital forensic analyses and have performed well over 1,000 examinations of computers, servers, mobile devices, IoT devices, drones, game consoles, and just about anything else that can be examined. These examinations have been done to support criminal investigations, civil litigation, HR investigations, and research. I have also been qualified as an expert witness in state and federal court numerous times in the area of digital forensics, cybersecurity, and technology-facilitated crimes.

Through this experience I have been able to build several teams, forensic laboratories, facilities, security operation centers (SOC), and incident response capabilities. This has included bringing in the people, processes, and technologies necessary to be successful at digital forensics and incident response. Part of this experience has included going through the entire process of ISO 17025 laboratory accreditation and at the time, I was the director of the only such accredited non-federal standalone digital forensics laboratory in the U.S.

There are a lot of lessons I have learned over the years and I hope to provide some of those here, as well as some best practices and resources that practitioners and digital forensic leaders may find useful.

Forensic Resources
Find a variety of digital forensic resources available here with information being added as often as possible.
Digital Forensics Blog Posts
Coming Soon…
This section is still being built.
Coming Soon…
This section is still being built.
Coming Soon…
This section is still being built.
Coming Soon…
This section is still being built.
Coming Soon…
This section is still being built.


Using Digital Forensics to Solve Missing Person Cases
person looking out of a window
CorelDRAW and OneDrive Failing to Install on Mac OS
CorelDRAW installation successful screenshot
Windows 10 Parental Control Settings
Screenshot of Windows 10 child settings
iOS 11 Parental Control Settings
Cybersecurity Considerations with Bring Your Own Device (BYOD) Implementations
Word cloud for BYOD
Digital Forensics / Incident Response Forms, Policies, and Procedures
Screenshot of Chain of Custody Form
Disheveled Digital Forensics: The Impact of Inconsistent Standards, Certifications, and Accreditation
Screen Shot 2015-05-10 at 8.56.40 PM
Using a SAN or NAS to Store Digital Evidence

Leave a comment

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.