May 24, 2017 8:00:00 AM

Cyber Incident Investigation Series: Retracing Investigation Steps

By Chris Sanders

Finding evil is all about asking the right questions, finding answers, and using those answers to ask more questions. Each question and answer represents a decision point, branching the investigation down a new path. The path of the analyst is far from linear, and sometimes we need to go back and retrace our steps to work from a previous decision point. Just as Hansel and Gretel left breadcrumbs along their path through the woods, we too need breadcrumbs to ensure that we’re fully exploring our hypotheses and seeing the whole picture of an investigation clearly.

