ABSTRACT
The collection of evidence and intelligence-based artifacts in environments that are time urgent has become complex in nature. The growth of technology topologies is allowing for a robust infrastructure that offers a bad actor in our society many new opportunities to commit crimes or terrorist acts. These new infrastructures being used by the bad actor offer the investigator new opportunities to track and collect artifacts that can lead to the identification of these bad actors. Current forensic collection frameworks still focus heavily on the collection of small datasets and non-complex topologies. This paper focuses on the digital triage component of the artifact collection process. This paper proposes a more defined triage methodology that answers todays more robust topologies.
Keywords
exploitation, triage collection, high-reliability organization