F is for Fragments in Time - Building Forensic Timelines

F is for Federated Identity: When Login Is the Crime

In this episode we dive into the modern reality of identity-driven attacks. In today’s cloud-first world, attackers don’t need malware or exploits — they simply log in. Learn how federated identity systems like Microsoft Entra ID, Okta, and Google Workspace change the forensic landscape, why credentials and tokens have become the new attack surface, and how investigators can uncover evidence hidden inside authentication logs, access events, and OAuth permissions. If you want to understand how to investigate cases where login itself is the crime, this episode is essential listening. #FforForensics #DigitalForensics #DFIR #CloudForensics #IdentitySecurity #FederatedIdentity #CyberForensics #IncidentResponse #CyberSecurity #AuthenticationLogs #MFA #TokenAbuse #ForensicPodcast

F is for the Future – Digital Forensics in a Cloud-First World

Season 2 kicks off with a look at how digital forensics is evolving in a cloud-first world. We explore why traditional disk-based investigations no longer work, how identity and access have become the new evidence, and what investigators must learn to solve modern cases where logs, tokens, and timestamps matter more than files. #FforForensics #DigitalForensics #DFIR #CloudForensics #CyberForensics #IdentitySecurity #IncidentResponse #ForensicPodcast #CyberSecurity

F is for the Final Piece - Breaking a Case Wide Open

In the final episode of the year, we bring everything together—file systems, memory, timelines, flash storage, and user activity—to show how real digital cases are solved from start to finish. This episode walks through how a single overlooked artifact can become the final piece that breaks a case wide open. We also reflect on the season and tease bigger, deeper, and more advanced forensic topics coming next year. This is a must-listen finale you won’t want to miss. #FforForensics #DigitalForensics #DFIR #ForensicPodcast #CyberForensics

F is for Flash Storage – Evidence in the Modern Drive

In this episode, we break down the challenges and opportunities of flash storage forensics. From SSDs and USB drives to smartphones, learn how wear leveling, TRIM commands, and encryption impact evidence recovery—and why “deleted” doesn’t always mean gone. Real-world cases and practical techniques show how investigators adapt in the modern storage era. #FforForensics, #FlashForensics, #DigitalForensics, #DFIR, #CyberForensics, #SSDForensics, #FlashStorage, #DataRecovery, #ForensicAnalysis, #ComputerForensics, #MobileForensics, #CyberCrime, #ForensicPodcast

F is for Fragments in Time - Building Forensic Timelines

In this episode of F for Forensics, we explore how investigators transform scattered artifacts into a clear digital narrative using forensic timelines. From MACB timestamps and registry entries to browser data, logs, and super timelines, this episode breaks down how timelines reveal patterns, expose anomalies, and connect user actions across systems. Real-world examples show how seconds, not hours, can make or break a case. #FforForensics, #ForensicTimelines, #DigitalForensics, #DFIR, #CyberForensics, #TimelineAnalysis, #EventLogs, #Plaso, #Timesketch, #ComputerForensics, #ForensicAnalysis, #CyberCrime, #IncidentResponse, #ForensicPodcast