Best Damn Cybercrime and Digital Forensics Book Period

Posted on by Ben Rothke

My review of Best Damn Cybercrime and Digital Forensics Book Period is from the July 2010 issue of Security Management Magazine

Immediately after a crime takes place, police secure and cordon off the location. Even those not in law enforcement recognize the need to secure a crime scene to preserve the integrity of the forensic evidence. When it comes to digital forensics, many professionals do not have the same level of expertise in securing their own digital infrastructure. 

This book, with the not-so-humble title of Best Damn Cybercrime and Forensics Book Period, is indeed a very good starting point to gain that requisite level of digital forensic knowledge. The book shows the reader just about everything he or she needs to know about the entire process of electronic discovery and digital forensics. 

The book’s 20 chapters cover the entire spectrum of the forensic process. The first several provide a high-level overview. Chapter six offers a thorough review of forensic software and hardware solutions. Additional chapters contain valuable details on investigations and analysis software, such as Windows and Linux, and routers and other technologies. The book concludes with chapters on BlackBerry devices and MP3 file issues. 

The work shines in that it provides various insights from 19 different authors, all of whom have significant real-world experience. The downside is one of consistency—always a problem with collaborative works such as this—the fact that there are multiple authors generally means that some chapters are better written than others, and that is the case here. 

While the book’s title flirts with hubris (there are indeed better cybercrime and forensics books), it is nonetheless a valuable introduction and resource. Anyone looking to get a comprehensive overview of digital forensics will find this a rewarding read.

Ben Rothke

Senior Information Security Manager, Tapad

forensics & e-discovery

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment.  Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA® Conference, RSA Security LLC or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community