Welcome to 360º Forensics.

A Community for Computer Forensics Professionals.

Did you know that over 90 percent of today's information is created and/or stored electronically, and over 70 percent of those electronically stored documents are never printed. Therefore the likelihood of missing evidence or information is very high. However, proper and thorough forensic examinations of the related computers and storage media can now uncover this missing information or evidence.

Computer forensics, still a rather new discipline in computer security, focuses on finding digital evidence after a computer security incident has occured.

The goal of computer forensics is to do a structured investigation and find out exactly what happened on a digital system, and who was responsible for it.

There are essentially three phases for recovering evidence from a computer system or storage medium.

Those phases are:

1. Acquire

2. Analyze

3. Report.

Often, the results of a forensic investigation are used in criminal proceedings.

Given the fact that computer criminals always leave tracks, it's "just" a matter of finding these tracks. But this is not always easy. The evolution in computer technology goes on, computers and other communication systems become very complicated and better connected through all kinds of networks. At the same time, computer crime techniques become more sophisticated and better coordinated.

On this website you'll learn all about Computer Forensic Investigation and procedures for finding Digital Evidence on systems.