Several days ago, we published a preview of the new edition of Event Log Explorer software – Forensic Edition! Here I will show what benefits you can get from this edition. First, I should say that currently it is fully compatible with the standard edition of Event Log Explorer – it uses the same workspace, the same settings and currently the same registration key. By… Read More »
Looking for a solid solution to unravel computer-stored evidence? Need a deeper insight into what’s happening on your PC or a suspect’s device, looking to restore or crack an essential password? Check out this brief review of unheralded yet powerful forensic tools. The most common definition of computer forensics is the procedure of detecting and analyzing evidence collected from digital media, i.e. hard drives, portable… Read More »
As a producer of digital forensic software, we are regularly learning more about forensic methods and tasks. Recently I came across a curious article (and video) in Business Insider called “How forensic accountants use Benford’s Law to detect fraud” The video states that forensic guys can use Benford’s Law to analyze financial data and identify red flags. This sounds interesting because it is too easy to… Read More »
In my previous post, I explained how to display logon type for logon events in Security log and described meaning of some values. Here I will give you more information about logon types. The descriptions of some events (4624, 4625) in Security log commonly contain some information about “logon type”, but it is too brief: The logon type field indicates the kind of logon that occurred.… Read More »
One of the most important tasks in the security event log analysis is to find out who or what logs your system on. Here I will explain how Event Log Explorer helps you to solve this task. First, you need to make sure that Windows security auditing is enabled for logon events. You can do this using Local Security Policy or Group Policy, depending on… Read More »