Reviews of Digital Forensics Books Posted

Amazon.com just posted three new reviews on digital forensics books. The first is File System Forensic Analysis by Brian Carrier. Here is a link to the five-star review.

The second is Windows Forensics by Chad Steel. Here is a link to the four-star review.

The third is EnCase Computer Forensics by Steve Bunting and William Wei. Here is a link to the three-star review.

All three books share the same introduction.

I decided to read and review three digital forensics books in order to gauge their strengths and weaknesses: "File System Forensic Analysis" (FSFA) by Brian Carrier, "Windows Forensics" (WF) by Chad Steel, and "EnCase Computer Forensics" (ECF) by Steve Bunting and William Wei. All three books contain the word "forensics" in the title, but they are very different. If you want authoritative and deeply technical guidance on understanding file systems, read FSFA. If you want to focus on understanding Windows from an investigator's standpoint, read WF. If you want to know more about EnCase (and are willing to tolerate or ignore information about forensics itself), read ECF.

In the spirit of full disclosure, I should mention I am co-author of a forensics book ("Real Digital Forensics") and Brian Carrier cites my book "The Tao of Network Security Monitoring" on p. 10. I tried to not let those facts sway my reviews.

Comments

Anonymous said…
WF got 4 stars? Really? Seriously? ;-)