Welcome

Welcome to Journey into Incident Response.

The purpose of this blog is to share my experiences about learning the process of investigating security incidents from both the management and technical perspectives.

My journey into incident response started with my desire to combine my background in performing security assessments with digital forensics. If you can find and sometimes exploit weaknesses in an information security program; can’t that same knowledge be leverage in investigating security incidents? I thought it could and this blog will discuss the approach I am taking by sharing the research and testing I have been doing on this subject.

A little background about myself; I am currently an IT Specialist employed in the New York State public sector. I have over 9 years experience in the information technology field involving desktop support, Microsoft Windows server administration, and networking. I have over 5 years of experience in information security involving security assessments, vulnerability management, and configuration management. For the past three years I have had the opportunity to perform security assessments and audits against enterprise-wide information security programs. In addition to performing security assessments, I have been involved with conducting digital forensic investigations in support of financial audits and acceptable use policy violations.

The digital forensic community has a wealth of knowledge and is willing to share that information for the benefit of everyone. The sharing includes techniques, tools, findings, and advice. This blog is my effort to share back to the community that is helping me on my journey into the digital forensics and incident response fields.

Enjoy, thank you for visiting, and stay tuned …...