Forensics

Forensic analysis, also called forensics, is a discipline that applies scientific methods to digital investigation.

In other words, it is the digital equivalent of a crime scene investigation. When a company or individual is the victim of a cyber attack, the forensic specialist steps in to collect, analyse and interpret digital evidence in order to identify the origin of the attack, the extent of the damage and, if possible, the culprit.

 

📋 Forensic analysis missions

A forensic analyst has many essential tasks:

  • Evidence gathering: The analyst must secure the digital crime scene, identify the relevant data sources (computers, servers, networks, etc.) and carry out a complete and accurate acquisition of data, including log files, deleted data and backups.
  • Data analysis: The analyst uses specialised tools to examine the collected data in depth, looking for traces of intrusion, anomalies, deleted files, suspicious communications, etc.
  • Interpretation of results: The analyst must be able to make sense of the analysed data, reconstruct the chronology of events and draw conclusions relevant to the investigation.
  • Report writing: The analyst draws up detailed expert reports for the judicial authorities, companies or private individuals, presenting the results of the investigation clearly and concisely.

 

📜 Certifications and skills required

To become an expert in forensic analysis, a number of certifications and skills are required:

  • Certifications:
    • CHFI (Certified Hacking Forensic Investigator)
    • CEH (Certified Ethical Hacker)
    • GCFA (GIAC Certified Forensic Analyst)
    • CFCE (Certified Forensic Computer Examiner)
  • Technical skills:
    • In-depth knowledge of operating systems (Windows, Linux, macOS)
    • Proficiency in forensic analysis tools (EnCase, FTK, Volatility, etc.)
    • Understanding of networks and communication protocols
    • Programming and scripting (Python, Bash, PowerShell)
  • Non-technical skills:
    • Analytical and problem-solving skills
    • Thoroughness and attention to detail
    • Ability to work under pressure
    • Excellent written and oral communication skills

 
