Hello, and welcome to the “Everything DFIR…” blog! My name is John Asmussen, and I am a digital forensics practitioner. A little background about myself - currently I am a criminal investigator with the Louisiana State Police and I have over 22 years of law enforcement service. For the past 15 years I have been assigned to the FBI New Orleans Division as a Task Force Officer, where I have investigated various types of cyber crimes ranging from Internet Crimes Against Children (ICAC), business email compromises (BEC’s), computer intrusions, ransomware and malware cases, theft of intellectual property, and sextortion cases. I have successfully completed numerous digital forensic courses and hold several digital forensic certifications including: GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH), GIAC Battlefield Forensics Acquisition (GBFA), GIAC Advanced Smartphone Forensics (GASF), and many more. I have testified numerous times in criminal and civil cases and I have been certified as an expert witness in digital forensics in both the 4th and 6th Judicial Districts of Louisiana.
In 2013, I started my own (part-time) business, EGA Technology Specialists, LLC, an information technology firm that specializes in digital forensics. In the beginning, I worked primarily on civil litigations - mainly divorce cases and family court/child custody hearings. Over the years the business began to grow and I started taking on larger cases including corporate cases involving employee misconduct, theft of intellectual property, fraud, and embezzlement. My business not only performs traditional digital forensic examinations, but we assist legal teams and their clients to understand the digital evidence, and help them see the value of the digital evidence, or in some cases the lack of evidence, in their case. This collaborative process directly correlates to the legal team’s overall strategy successfully moving forward through the judicial system.
While I have a considerable amount of training, certifications, and experience in the field of digital forensics, I am far from being an “all knowing expert” in this field. The simple fact is, there are too many different types of technologies, operating systems, devices, applications, protocols, and platforms in common use today; and each of these examples are constantly updating and evolving at a pace that makes it impossible for one person to be an expert in all of these areas at the same time. One of the many things that I love about the DFIR community is the free and open sharing of information by knowledgeable practitioners that work in this field. I have been very fortunate to learn from some of the very best practitioners in the industry. But I am guilty of taking advantage of all of the free training and information shared by so many great people and not giving back to the community. This is partly due to feelings of “Imposter Syndrome” (an inaccurate feeling I sometimes have because I am not as “good” or “knowledgeable” as other practitioners in a particular field). The truth is we can all learn from one another and we can all bring some value to this field while helping others along our way. It is my new goal to give back to the community by sharing some of my strengths and knowledge that I have learned along my way and to document my future learning of “new to me” projects that I plan to tackle in the coming months and years.
Finally, my promise to you - the reader; I will stick to the basics using proven forensic methods and practices; we will learn about the forensic artifacts of a given topic at a low level; we will explore tools and scripts that help to automate the forensics process and reach accurate conclusions based on the evidence analyzed. I also promise to remain vendor neutral (whenever possible) and review commercial tools with a neutral and impartial viewpoint. I will always disclose at the time of publication any personal or professional relationships I may have with a particular vendor or company and any gifts, sponsorships, or other incentives offered or received from any entity during my future endeavors with this blog. This way you, the reader, can have faith knowing any product or tool that I use, feature, or recommend comes from a tried and true process that I found to be useful and accurate during my testing, evaluation, and use in my examinations.
If you made it this far, thank you for taking the time to read my blog! Be sure to bookmark this page and check back often for new posts and content. You can follow me on the below listed social media sites where I will also share information related to the field of digital forensics. My posts on these social media accounts will always remain professional and will not contain any political, religious, social, or other controversial topics. Thank you again and I look forward to our journey together.
This is great! Trusted info from a trusted source!
ReplyDelete