Tuesday, March 16, 2010

The start of a journey.

I'm a few short weeks from taking (and hopefully passing) the GCFA exam. I have been reading and studying everything I can get my hands on for more than 3 months to try to scratch the surface of the Computer Forensics field. I'm fortunate to know a handful of people already working as incident responders and investigators who have been willing to send me reading lists, blog links, old reports and class notes to study and review. Even with all of this it's difficult to know how to prepare for an exam encompassing such a broad field.

I'm already torn between the excitement of catching a hacker in the act or helping put away a creep that desperately deserves it, and the sheer boredom that is cyber-terrorism law and file allocation tables. I'm also torn by who I see working in the field. There seems to be a huge divide between those who innovate, experiment and further the possibilities and those who are happy pointing and clicking their way to a paycheck. I'd like to think that with a few years of experience under my belt I won't want a push-button forensics job. There is way too much to explore in a field that is just now coming into its own.

For now, I'm the new guy.

Wish me luck.


  1. Let me know what you need and when you need it! Like most of us in the field, we are more then willing to help new investigators break into the field. Take good notes, read everything you can find, and practice practice practice!

    Best of luck to you!

  2. Good luck, Grayson. I look forward to following your adventures.

  3. Hi Guys,

    I am new to the field of digital investigations. I currently have my EnCE and ACE certs;however, money is a bit tight and I want to pursue my CCE and CFCE. Can anyone recommend a good cert to get that will help push my career in the field,but at the same time wont go broke.

  4. What are you doing now? Sometimes another technical cert isn't the way to go.