))
Building Forensics Tools That Last | Brian Carrier (Autopsy, Sleuth Kit)
Manage episode 518725211 series 3604599
Content provided by Josh Mason & Wade Wells and Simply Cyber Media Group. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Josh Mason & Wade Wells and Simply Cyber Media Group or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Josh Mason and Wade Wells sit down with Brian Carrier, the creator of Sleuth Kit and Autopsy, two of the most widely used digital forensics tools in the world. They dig into how Brian got his start in the early days of computer forensics, how open source shaped his career, and what heโs building now with Cyber Triage.
From stories about government funding and tool rewrites to the evolving balance between open source and commercial software, this episode is packed with insight for blue teamers, DFIR pros, and anyone who cares about investigation tooling that actually works.
Watch to hear:
- The 25-year evolution of Sleuth Kit & Autopsy
- How Cyber Triage simplifies investigations for SOCs
- The tradeoffs between open source and commercial tools
- What Brian sees next in AI-driven forensics
โฑ๏ธ Timestamps:
00:00 Introduction and Guest Introduction
00:15 Brian Carrier's Journey with Sleuth Kit and Autopsy
02:06 Evolution and Funding of Autopsy
06:52 Open Source vs. Commercial Software
10:16 Future Roadmap and Innovations
14:16 Autopsy and Cyber Triage for Blue Teamers
16:24 Challenges in EDR and SOC Analysis
16:41 Investigative Process and Clues
17:18 Handling Noisy Data in EDR
17:49 Importance of Tracing Malware
18:28 Deploying Additional Collectors
19:25 Feedback from the Community
21:21 Cyber Insurance and Incident Response
23:34 Automation in Forensics
28:41 Advice for Blue Teamers
30:12 Conclusion and Final Thoughts
Links:
๐ง Listen on Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
๐ Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1668519478
๐ป Learn more about Sleuth Kit: https://sleuthkit.org/
๐ Try Autopsy: https://www.autopsy.com/
๐ง Explore Cyber Triage: https://www.cybertriage.com/
Connect with Brain:
๐ค Brian Carrier on LinkedIn: https://www.linkedin.com/in/brian-carrier-169243/
๐ข Sleuth Kit / Basis Technology on LinkedIn: https://www.linkedin.com/company/basis-technology/
๐ผ Cyber Triage on LinkedIn: https://www.linkedin.com/company/cyber-triage/
Don't forget to like, subscribe, and hit the bell icon for more blue team content!
๐ Follow the hosts:
Josh Mason: https://www.linkedin.com/in/joshuacmason/
Wade Wells: https://www.linkedin.com/in/wadingthrulogs/
๐ก Brought to you by ThreatLocker โ Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive
๐๏ธ More Simply Defensive
- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4
- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182
๐ If you enjoyed this episode, donโt forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders.
=========================
Sponsored by @ThreatLocker - Free 30-day trial visit:
https://www.threatlocker.com/simplydefensive
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
This podcast is presented by Simply Cyber Media Group
40 episodes
Share
