This report is a continuation of the work done by ENISA in the field of good practices for CSIRTs and LEAs in the fight against cybercrime. It aims at providing a guide for first responders, with a special emphasis in evidence gathering. It aims at complementing the existing (vast) material on the topic of digital forensics and evidence gathering, as these are in most cases written from the perspective of law enforcement. This guide rather aims at providing guidance for CSIRTs on how to deal with evidence and the evidence gathering process. For most CSIRTs this is a limited and (for many of them) relatively new field of operation with a growing importance.
|European Network and Information Security Agency (ENISA)
|European Union Agency for Network and Information Security (ENISA).
|Published - 2015