Forensic Focus

Blake Sawyer from Amped Software joins the Forensic Focus Podcast to discuss video and image forensics in the US. He shares insights on the challenges of working with low-quality CCTV footage and how Amped Software has grown and been adopted in the US market. The conversation delves into the role of the Scientific Working Group on Digital Evidence (SWGDE) in developing best practices for the field and how these standards influence product development. It also covers Amped's new DeepPlate technology for license plate recognition and emphasizes the importance of error margins in AI-assisted forensic analysis. Blake goes on to discuss Amped's certification program and how it complements other industry certifications. He shares real-world case examples, including the "Pillowcase Murders" investigation, highlighting the practical applications of video forensics in solving complex crimes.

Marco Fontani joins the Forensic Focus podcast to discuss Amped Software's latest AI-powered tool, DeepPlate. DeepPlate is a deep learning system designed to read license plates affected by common issues introduced by surveillance systems, making it a valuable asset for forensic video analysts. Marco provides an in-depth overview of DeepPlate, explaining how it currently supports eight countries (France, Germany, Italy, the Netherlands, Spain, Sweden, the UK, and the United States) and how it uses separate models for each country to account for varying license plate formats. He also discusses the synthetic data generation process used for training the models, ensuring privacy and mitigating bias. The conversation delves into the limitations and considerations when using AI-based tools in a forensic workflow, with Marco emphasizing the importance of bias mitigation techniques and proper interpretation of confidence scores. He stresses that DeepPlate is an investigative tool designed to provide a second opinion, rather than a tool for court admissibility. 00:00 – What is DeepPlate and what is its purpose? 02:45 – How many countries does DeepPlate currently support? 09:30 – What are the challenges of diplomatic and personalised number plates? 11:30 – How would a forensic video analyst use DeepPlate as part of their workflow? 13:40 – Can DeepPlate be used in Court? 16:30 – What is Amped Software's position on AI? 19:00 – What will be the impact of updated models on results? 20:50 – What kind of data is used to train the system? 23:30 – How has the system been tested? 26:15 – What are the access conditions for using DeepPlate? 28:05 – Does Amped Software retain user data for DeepPlate and if yes for how long? 29:45 – Is it possible to buy additional seats for your license? 31:00 – What are the limitations and considerations when using AI-based tools like DeepPlate for forensic and investigative purposes? 35:20 – Does Amped Software plan to use AI in other areas? Show Notes Washington State Judge Blocks Use Of AI-Enhanced Video As Evidence In Possible First-Of-Its-Kind-Ruling - https://www.linkedin.com/feed/update/urn:li:activity:7181308834370494464/ Neural Network for Denoising and Reading Degraded License Plates - https://link.springer.com/chapter/10.1007/978-3-030-68780-9_39 Introducing DeepPlate, Amped's Investigative Tool for AI-Powered License Plate Reading - https://blog.ampedsoftware.com/2024/02/28/introducing-deepplate-ampeds-investigative-tool-for-ai-powered-license-plate-reading

Join Si and Desi for another episode of the Forensic Focus Podcast. This week, they discuss the lack of transparency and potential misrepresentation in the cybersecurity industry, particularly regarding the use of open-source tools by companies and the questionable interpretation of data and statistics in marketing and advertising. The conversation also delves into the implications of relying on computer systems and algorithms to make important decisions, such as in the case of the Post Office scandal in the UK and the Centrelink repayment debacle in Australia. They emphasize the importance of human oversight, critical thinking, and considering the human impact of such decisions, rather than blindly trusting the outputs of computer systems. 00:00 – The state of the digital forensics industry 02:30 – Desi's talk at BSides Brisbane 05:30 – Sweaty Cyber Advice and Strongman 09:40 – Companies integrating open source software 23:00 – Advertising, statistics and logical fallacies 28:00 – The Post Office scandal and computer accountability 49:00 – Security, compliance and regulations 56:00 – Closing thoughts Show Notes Hardly Adequate YouTube - https://www.youtube.com/@hardlyadequate Oxfordshire's Strongman & Strongwoman - https:\oxfordshire.rocks\ CPS, Computer Records Evidence - https://www.cps.gov.uk/legal-guidance/computer-records-evidence Your Logical Fallacyis - https://yourlogicalfallacyis.com/ British Post Office Scandal - https://en.wikipedia.org/wiki/British_Post_Office_scandal The Guardian, Robodebt Scandal - https://www.theguardian.com/australia-news/2023/mar/11/robodebt-five-years-of-lies-mistakes-and-failures-that-caused-a-18bn-scandal Tyler Vigen, Spurious Correlations - http://www.tylervigen.com/spurious-correlations Forensic Focus Discord - https://discord.gg/97zKvTXHeS

Sophie Powell joins Si and Desi on the Forensic Focus Podcast to discuss various topics including her recent participation in a TryHackMe webinar, the challenges of applying for graduate schemes, and the relevance of the Cyber 9/12 competition to her career in cybersecurity. They also touch on the psychology of conspiracy theories and the implications of deepfake technology. 00:00 – Welcome to the podcast 03:00 – Sweaty Cyber Advice 03:55 – Fitness and forensics 07:00 – Mental health and mindfulness 09:10 – Gamified assessments 17:00 – Video recorded self-assessments 20:10 – Filtering candidates to fill roles 24:25 – Graduate schemes versus graduate jobs 27:40 – Apprenticeships and student loans 33:40 – Starting out on a graduate scheme 37:35 – UK Cyber 9/12 Strategy Challenge 43:55 – Dangers of deepfakes 51:10 – Conspiracy theories and computer psychology 54:40 – Closing thoughts Show Notes Hardly Adequate - https://hardlyadequate.com Try Hack Me - https://tryhackme.com/ UK Cyber 9/12 Strategy Challenge - https://www.ukcyber912.co.uk/

Chris Doman, Co-Founder of Cado Security, joins the Forensic Focus podcast to discuss cloud forensics and incident response. Cado Security provides cloud-based software for collecting and analyzing forensic evidence in cloud environments. Chris discusses the challenges of cloud forensics, such as the constantly changing nature of cloud environments and the need to standardize and normalize data from different sources. Cado Security is working on partnerships with cloud and EDR vendors, as well as IR providers, and is planning to release new features related to SaaS and email compromise investigations. 00:00 – Introducing Chris Doman from Cado Security 03:00 – Starting and growing Cado Security 05:45 – Cado Community 06:30 – Cloud forensics tools 10:40 – Collecting, processing and presenting data 12:00 – Advantages of cloud to cloud 13:50 – Audit logs 16:00 – Automation 20:30 – Training and investigation support 28:00 – Release cycle and managing updates 30:30 – Roadmap 40:30 – Chain of custody 43:00 – Encryption and storage 43:30 – Cado Security at events

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data. Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities. 00:00 – Introduction to Alan Platt 07:00 – Training 12:00 – Workflows 17:20 – Ensuring a secure environment 19:45 – Customer training 20:35 – Helping customers comply with ISO accreditation 25:00 – Validation and verification 27:30 – ISO standards 30:00 – MSAB's pipeline plans 32:40 – XEC Director 43:45 – Privacy of user data

Nick Harvey, a former Detective Inspector in the Metropolitan Police, discusses his transition from law enforcement to his current role as a Customer Success Manager at Cellebrite. He describes his experience in tackling county lines, a form of organized crime in the UK where drug dealers set up operations in smaller towns and cities to expand their business. He also discusses the role of mobile phones in criminal investigations and how data-driven approaches can expedite the justice process. Nick goes on to highlight the challenges of explaining digital evidence to judges and juries and the potential impact of artificial intelligence in forensic investigations. He also emphasizes the importance of communication between digital forensics units and investigators and the need for tools that can handle large data sets and provide actionable insights. Nick shares his thoughts on the impact of regulations on forensic processes and the need for a balance between oversight and efficiency. He concludes by advising investigators to be open to new approaches and to focus on the objectives of their investigations. 00:00 – Introduction to Nick Harvey, Customer Success Manager at Cellebrite 02:40 – Data driven approach to tackling county lines crimes 07:50 – Changing landscape of mobile forensics 11:45 – Operation Venetic and EncroChat crime 15:20 – Ensuring admissibility of evidence 19:50 – Machine learning in crimes and crime detection 24:00 – Machine learning in Cellebrite's tools 27:10 – Working at Cellebrite 31:30 – Managing large volumes of data 34:40 – Training tool users and empowering investigators to get the most from data 36:00 – Regulations and compliance frameworks 39:55 – Advice for digital investigators

Subscribe to the Forensic Focus Podcast: https://www.forensicfocus.com/podcast/ Keith Lockhart, Vice President of Training at Oxygen Forensics, discusses the evolution of training in the digital forensics industry. He highlights the shift towards online training and the use of technology to deliver courses remotely. He also mentions the importance of gathering feedback from customers and adapting training programs to meet their needs. Oxygen Forensics is focused on providing a range of training options, including on-demand content and hands-on training with shipped devices. Additionally, Keith discusses the company's new technologies, Oxygen Corporate Explorer (OCE) and Oxygen Analytic Center (OAC), which offer collaborative review and data collection capabilities. 00:00 - Keith Lockhart's career 06:45 – Educational background 09:15 – Technical knowledge and software development 14:55 – Transitioning to a training role 20:05 – Sharing knowledge and presenting evidence in court 24:15 – Products and training from Oxygen Forensics 34:00 – Receiving customer feedback 35:30 – Online versus in-person conferences and training 38:10 – Providing training and tools in different languages 41:00 – Oxygen Forensic Certifications 44:10 – Oxygen Forensics' focus for 2024

Si interviews Monica Harris from Cellebrite about new products and developments in the field of digital forensics. They talk about the importance of staying connected to the community and understanding their needs. Cellebrite has recently launched several new products, including Endpoint Mobile Now, a SaaS solution for the patent pending remote collection of targeted data on iOS and Android devices. Another new product is Mobile Ultra, a mobile forensics solution that provides access to mobile data on a wide range of iOS and Android devices. Cellebrite aims to develop technology that meets the needs of their customers and provides solutions for the challenges they face in digital forensics. 00:00 – Introduction to Monica Harris and Cellebrite 03:20 – New Cellebrite products and upgrades 05:40 – Cellebrite Endpoint Mobile Now 12:00 – Storage, privacy and ownership of acquired data 13:30 – Bandwidth requirements 15:00 – Targeting specific data 18:45 – Cellebrite Mobile Ultra 22:15 – Cloud collection platforms 26:10 – Collecting data from the cloud 27:05 – Screen share and capture capabilities 29:15 – What's coming up for Cellebrite? 32:10 – AI and machine learning 36:40 – Final thoughts and invitation to get in touch

Si and Desi interview Rich Frawley from ADF Solutions. They discuss the use of screenshots and screen recording in mobile device investigations. Screenshots and screen recordings can be used to capture evidence that may not be available through logical acquisitions, allowing investigators to add valuable information to their cases. Rich also discusses the limitations of screenshots and screen recording, such as the inability to capture certain types of data or the risk of alerting the other party in a chat conversation. He emphasizes the importance of investigators knowing their cases and making informed decisions about the best methods to gather evidence. Rich also highlights the speed and efficiency of ADF Solutions' tools, which focus on triage and intelligence gathering rather than cracking devices. He mentions the company's training programs and the ability to generate reports and share data with other tools. The conversation touches on the future of mobile forensics, including wearables and emerging technologies like smart glasses.