Articles tagged with: #dfir
AI Principles for DFIR

Computer Forensics www.reddit.com

I thought I'd share with this group to get thoughts. We drafted up principles for using AI in our software and none of them seem like they should be unique to any one vendor. Anything you think should be added or removed? I copied them here, but they are also in the link below. Human in Control: The investigator will always have a chance to review results from automated scoring and generative AI. The software is designed to support, not replace, human expertise. Traceability: Results will...

Forensic-Timeliner - Windows Forensic Tool for DFIR Investigators

Cyber Security News cybersecuritynews.com

Forensic-Timeliner, a Windows forensic tool for DFIR investigators, has released version 2.2, which offers enhanced automation and improved artifact support for digital forensics and incident response operations. This high-speed processing engine consolidates CSV output from leading triage utilities into a unified timeline, empowering analysts to reconstruct event sequences and identify key indicators of compromise rapidly.

[Tool] Built CyberBlueSOC - Deploy a Full SOC Lab in less than an hour (Open Source)

cybersecurity www.reddit.com

I've been working on solving a problem I kept running into: setting up a SOC lab environment takes forever. Manual configuration of Wazuh, MISP, Velociraptor, Suricata, and other tools can take days. So I built CyberBlueSOC - a containerized platform that deploys 15+ integrated security tools with one command. What's included: - SIEM: Wazuh - Threat Intel: MISP (auto-populated with 280K+ IOCs) - DFIR: Velociraptor, Arkime - SOAR: Shuffle, TheHive/Cortex - Network Detection: Suricata, EveBox -...

Don't know what to do next?

cybersecurity www.reddit.com

Security has been my hobby for 19 years now. I was in SOC and DFIR for 6 years, 3 in sec infra and 3 in red teaming now. I'm quite good at evasion and tool/malware development. I have GDAT, OSEP, CRTE and CRTO2. But what next? I am bored as hell by most of the industry stuff nowadays. I'm not career oriented, more of a technology enthusiast. I'm bad at reversing (gives me headaches) and I've never done any exploit dev. But neither have I done much cloud stuff, which seems promising too. So what should I dig into...

Some book recommendations for beginners?

Computer Forensics www.reddit.com

Hey, as the title suggests, are there any books you can recommend for beginners who are looking to shift to DFIR? I do have IT knowledge at an advanced level, as I worked in IT for 8 years, 5 of them as a software developer and the other 3 in infra. Thank you :) submitted by /u/medjedxo

Getting experience in EDRs?

cybersecurity www.reddit.com

I'm looking to get into DFIR consulting. The last job I applied for I didn't get, as they were looking for someone with 'a lot of EDR experience.' I'm a forensics guy, so while I've used CrowdStrike some, it's not usually what I do, but I'm seeing EDR experience in more and more job reqs. Any tips on gaining more EDR experience? How does one gain experience in multiple EDRs? submitted by /u/internal_logging

Digital Forensics Round-Up, September 17 2025

Forensic Focus www.forensicfocus.com

Read the latest DFIR news - AI models tested on mobile evidence, macOS 26 forensic challenges, SOLVE-IT alpha release, automotive forensics challenges, and more.

SANS BACS or WGU Software Engineering Degree?

cybersecurity www.reddit.com

Hello, I'm a senior analyst who does a lot of DFIR-related work. 5 years' experience. I am interested in moving over to a security engineering role that involves more automation/coding. However, I still very much enjoy and want the operational/investigative aspects of cyber. I have light experience coding, as in I can read code and can do little programs but have not built anything substantial. Without giving the extra $20k cost of SANS too much favor to WGU, which degree do you believe would be...

How to start a digital forensics firm?

Computer Forensics www.reddit.com

I am a seasoned DFIR expert (10 years), with multiple high-level certs and a degree. My wife is an attorney (partner) in the patent litigation field. We are considering joining forces and starting our own firm in Virginia. Does anyone know what regulatory and licensing hurdles we need to jump through? I have an LLC, and all the DFIR gear/tools. Any direction or input would be huge. submitted by /u/DeezeNUTS007

Thoughts on shop tools

Computer Forensics www.reddit.com

I love Axiom, but it's getting too pricey for my small DFIR shop. I'm thinking, instead of having Axiom, of getting Cyber Triage and X-Ways. I heard X-Ways can do phones; how's that? We rarely get phones, maybe one or two a year, so I just need it to be able to do simple analysis. Thoughts? Recommendations? submitted by /u/internal_logging

Does Security and Loss Prevention(SLP) experience count in Cybersecurity jobs?

cybersecurity www.reddit.com

Hello everyone. I am a recent postgraduate in DFIR. I tried my luck in the job search for entry-level roles in DFIR and SOC Analyst for three months, but I didn't even land an interview. And then this SLP role (contractual) came through a friend of mine. And it's a big corp. The pay is good, but I don't want to continue working here; I want to work in Cybersecurity. My question is: will this experience (let's say 1 year if I continue working) help in my next role? Basically what I do here is monitor...

Digital Forensics Round-Up, September 10 2025

Forensic Focus www.forensicfocus.com

Read the latest DFIR news - UK police forensics backlogs, AI vs human investigators, new mental health support for DFIs, Jersey Police digital evidence app, and more.