About those case studies…..

We made a change with the case studies in the book, which some may not like…we didn’t do the case studies chapter.

Actually, we spent a lot of time trying to write up case studies, only to find that we were spending more effort and writing on the “how to do forensics’ rather than the ‘how to use XWF’.   As an example, writing about malware analysis with XWF requires a book by itself.

However, we have managed to provide case flow examples with electronic discovery, consent searches/triage, live response, and a myriad of specific examples of how to use XWF in different situations that can be put to use in just about any type of case.  This is on top of going through XWF with a fine tooth comb explaining every nook and cranny to either use XWF with speed and minimal user intervention (as close to a one button approach possible) through the most granular configuration as you want to have in a forensic application.

The layout and organization is simple, to the point, and the information is easy to find (index, appendix, and lots of screenshots).    It will be a required reference book on your desk if you are a user of X-Ways Forensics, whether you started using XWF from its first release or if your first XWF dongle just arrived yesterday.  For anyone that teaches forensics using XWF, you may want to consider this book as required reading for your students to save you a lot of class time teaching ‘how to use XWF’ in class in order to focus on teaching forensics.

Author: Brett Shavers

http://www.amazon.com/author/brettshavers https://www.brettshavers.com https://www.dfir.training

4 thoughts on “About those case studies…..”

  1. Sorry to hear about the case studies, but I totally understand what you mean. I find when I write a blog post about one thing, I wind up having to try to explain other things so the original thing I was writing makes sense. It’s tough putting it all together without having a 20 pound book.

    Looking very forward to the finished product!
    Ken

  2. While we initially wanted to include case studies on a variety of popular case types, in the end it would have turned into us explaining how to do those kinds of cases irrespective of the tool vs explaining the particulars of what X-Ways can do across a wide variety of forensic work. When Brett and I discussed the topic, one of the points that always came up is that we would not be able to do enough justice to complex topics like malware analysis or intellectual property related cases in the limited space we had for case studies.

    Because of this we chose to take a different approach and explain how X-Ways Forensics can address common themes we all see when doing forensic exams. By taking this approach we avoid not covering a case study that is someone’s primary area of expertise (and because of this, one they would most like to see). Another issue with this approach is that the very people who want those particular kinds of case studies would, in many cases, understand the finer details far better than we do because those are the kinds of cases they work all the time. Rather, we explain *what* X-Ways can do vs. how to address a particular exam type.

    In the end we settled on 2 different kinds of case studies: one for e-discovery and another for criminal related matters such as search warrants, knock and talks, triage, probation checks etc.

    Because of the way we have written the book we feel confident people will immediately see how they can leverage the capabilities of X-Ways in their day to day work in their areas of expertise as different bits of X-Ways Forensics functionality are explained.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: