Richard Davis continues his “Introduction to Windows Forensics” series with a video about the System Resource Utilization Monitor (SRUM), an artifact that many forensics books and online resources leave unmentioned. SRUM was first introduced in Windows 8 as a new feature designed to track system resource utilization such as CPU cycles, network activity, and power consumption. Analysts can use the data collected by SRUM to paint a picture of a user’s activity, and even correlate that activity with network-related events, data transfer, processes, and more.