Forensic Analysis

What is Forensic Analysis?

Forensic analysis describes a process where an investigation occurs around a security violation or incident. This process works to determine what happened, why, who is behind it, as well as the person(s) responsible for the incident. These incidents may include something that violated the law, or just company policy. Most often, forensic analysis is used in court during criminal proceedings. This type of analysis uses a large variety of technology and methods. It may even use mobile device collection to secure the evidence it needs.


A forensic analyst will use any method necessary to capture the data and evidence. A type of forensics that has been on the rise is malware forensics. This has increased because of the increasing amount of cybercrime that impacts banks, retail businesses, and technology. This type of crime is dangerous to both government and private companies.

Malware is typically used by criminals in an online environment that hack into devices and install dangerous applications. Once this type of virus is put on a mobile device, the company must act quickly to address it. Digital forensics uses tools that can pull evidence from a computer. This may include information identity, preservation of information, recovering information, and investigations that all remain within the standards for digital forensics.


Mobile device forensics can help with mobile device collection of information. This typically refers to retrieving information on mobile devices. As smartphones and other mobile devices became more popular, so did this branch of forensics.


The purpose of software forensics is to figure out if software was stolen. These analysts look at the source code of similar software to determine if it was stolen code. This type of forensics works in cases dealing with intellectual property. Memory forensics deals with an attack of data on a hard drive. This could include data being erased from the memory of the computer.