DFIR Training Blog



Publish your #DFIR research!

Here is a brief list of reasons of why I think DFIRrs blog their research rather than formally publish it through a peer review process.

--Blogging is:

     ---faster (minutes to type up and post),

     ---easier (click “post”),

     ---written for the practitioner (“this is how you do it”),

     ---putting out perishable information before it spoils (“applies to the current OS today”).

--Peer review is:

     ---slower (months or years),

     ---more difficult process (lots of steps and hurdles),

     ---written academically (“for the love of all that is good and holy, get to the point!”),

     ---might be outdated by publishing date (“well, no one uses this OS anymore, but when they did…”).

Neither method results in direct a financial gain for the work done.  The time spent will not equal money received, if any money received.  No fame either…

I’m not going to get into the

Read more