
Feb 5, 2020

Most people I've worked with who do incident response and forensics are dealing with a cyber attack of some sort. Perhaps it's ransomware, maybe a malware infection, or a data leak issue. Aaron Weiss and his team from Forensic Recovery handle those cases, and they also get called in for some really interesting and different cases on the criminal and civil side, ranging from employee fraud to child pornography. In this interview, Aaron and I discuss:

How he got started in the field and his path to computer forensics.

"One of the heads of the computer science program approached me my senior year and said, 'Aaron, would you like to take differential equations or do you want to try computer forensics?', and it was the first computer forensics class. I said, 'I have no idea what computer forensics is, but I will gladly sign up!'"

How he got started by volunteering with the Sheriff's office cyber crimes squad.

How it's different to work a case like child pornography, where you can't take the evidence with you over a period of time and have to do the work with investigators on the case watching over everything you do. Also, what types of evidence and metadata can be collected to help find out what is important.

"One click can make or break whether someone ends up in jail or not"

Things like collecting evidence on different forms of social media, which are always changing... FYI, if you are filing a fraudulent slip and fall case against your employer, it's probably not the best time to go skiing and post on social media...

"There may be a new form of chat or social media that there's no tool for, so we have to figure out what's the best way to preserve evidence"

How to get ahead in your career and what causes plateaus.

"I've seen a lot of CVs in expert witness cases on the opposing side where their CV stops 5 years ago because they've been doing the same thing and they haven't spent the time to continue to learn."

Aaron shares some deep knowledge on reasoning for degrees and certifications and what you can do to get ahead if you are a student or earlier in your career. Here are a few cool ideas:

  1. Show up to anything you can locally. Many conferences have FREE or extremely reduced rates for students.
  2. Take advantage of all the tech and security companies offering free webinars. You can learn a ton of things from those. He gives a couple of specific examples on the podcast.
  3. Set up your own network, test and play.

Finally, we wrap up talking about improv comedy and how that can help you in your career. Spoiler alert: I agree to take an improv class sometime before the end of the year. I have already found one locally and will eventually jump in and join!

Here are links to some of the things mentioned in the podcast:

BSides

ISSA

SANS Work Study Program

Tools

Cellebrite

AccessData FTK (Forensic Toolkit)

X-Ways Forensics

Listen to the podcast here:

Spotify, iTunes, Stitcher, Google Play, Your Computer