PRE-CON SESSION | Expectations of Data: OSINT & DFIR
Understanding the expectation of data can help you to gain a better understanding of the data sources and data availability. Instead of feeling disappointed you did not find the smoking gun you can adjust your technique to a data source that might provide more information. In the search for data, there are multiple techniques to be able to catch the information from OSINT to digital forensics each technique can offer a different data value and quantity. In this session, we will focus on three primary data sources and the expectations of the data through different capture techniques, and how the combination can bring a more holistic approach to the digital investigation process.
One of the biggest challenges in the analysis and investigative realm has been the vast amounts of data that could contribute to a case and how to efficiently leverage that information. Initially, the issue lied within an organization’s own sources but now this has extended beyond the firewall and seems to have no end in sight. When it comes to Open Source Intelligence (OSINT), there is no shortage of data. With this ever-pouring data stream and two arms full of vendors that want to help, how do you determine which or what to go with?
In this session we will define key terms and understand the important questions needing to be addressed in order to leverage current investments and expand into new technologies while meeting all of your requirements to have the most efficient workflow.