Hunting in the enterprise: Forensic triage and incident response

Digital Investigation - Volume 10 - Pages 89-98 - 2013
Andreas Moser¹, Michael I. Cohen¹
¹Google Inc., Brandschenkestrasse 110, Zurich 8002, Switzerland
