2019 Forensic 4cast Awards nominees will be presented quite soon, and we decided to present our picks to our readers.
DFIR Commercial Tool of the Year
We use quite a lot of tools. Belkasoft Evidence Center, Magnet AXIOM, X-Ways Forensics, and some others. But the choice was between Belkasoft and Magnet as we used these two most often, and both tools had great features added throughout the year. Finally, we reviewed the updates of both products and decided that Magnet AXIOM got this nomination again in 2018.
DFIR Non-commercial Tool of the Year
Here we can’t nominate only one tool. We want to nominate a bunch of tools. The whole toolset written by Eric Zimmerman is very useful and must be a part of every digital forensics and incident response specialist's toolkit.
DFIR Show of the Year
There aren’t lots of DFIR-related shows. We checked our browsing history and realized that we watched David Cowen’s Forensic Test Kitchen most often.
DFIR Blog of the Year
As you are reading our blog right now, consider nominating Cyber Forensicator as DFIR Blog of the Year! It will be a good motivation for us to work much harder!
DFIR Book of the Year
It’s Harlan Carvey’s Investigating Windows Systems. The book gives you a chance to look at the process of forensicating through the eyes of another analyst, a brilliant analyst, just like in Being John Malkovich. Amazing!
Also Oleg co-authored the second edition of Learning Android Forensics – consider nominating it as well! It contains lots of useful information about forensics of modern Android devices as well as some info about malware detection and analysis.
DFIR Article of the Year
This nomination is a bit difficult – so many articles and blog posts appear throughout the year. You may remember only the most recent, and not remember those posted in January or February, so we decided to skip this nomination.
DFIR Social Media Contributor of the Year
@SBousseaden tweeted a lot of extremely useful information related to threat hunting – definitely worth a nomination.
DFIR Degree Program or Training Class of the Year
Definitely it’s FOR578: Cyber Threat Intelligence. GIAC Cyber Threat Intelligence (GCTI) certification was announced in 2018, bringing the course to a new level. What is more, CTI is very important not only for incident response, but for incident-related forensics as well.
Most Valuable Threat Intel Contribution
We have walked through a lot of great CTI reports in 2018. But we want to nominate our colleagues' report – Silence: Moving into the Darkside. The report is really in-depth, and includes a detailed analysis of the toolset created by Silence and associated Indicators of Compromise (IoC), YARA and even IDS rules.
DFIR Groundbreaking Research of the Year
Maxim Suhanov started his personal blog in 2018, and started posting really groundbreaking things. Worth a nomination, of course!
DFIR Newcomer of the Year
We didn’t think a lot about this nomination either – it’s Marcos Fuentes. He worked a lot in 2018, wrote a lot of articles both in English and Spanish, and was very active on DFIR Twitter.
DFIR Resource of the Year
Definitely Phil Moore’s This Week in 4n6! Great DFIR resource, we read it every Sunday!
DFIR Team of the Year
David Cowen and Matthew Seyer. They created amazing CTFs, Forensic Lunches – we are sure they are a great DFIR team!
Digital Forensic Investigator of the Year
Sarah Edwards! MacOS forensics guru. Posts, tweets, talks, tools, SANS FOR518… A nomination, of course!
That’s it, happy forensicating!