Investigator’s Report and Evidence Container

SANS writer Benjamin Wright has created this template report for storing evidences for investigations.

Its really good as it includes special txt file giving authority to investigation which keeps investigator safe. It is always and highly important that investigator has to play safe otherwise might end up in screwing himself legally.

It is good from legal perspective and also provides focus for investigation, however one thing I find missing is Time Line. I believe it plays very important role for any investigation. Also I believe it should have a column for listing out the who are the people involved in the issue and may be their scope.


About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s