Swiss Infosec Event 2005 - Forensic in e-Business Applications
Forensic analysis in e-business applications is not a trivial task since it requires good preparation. At the Swiss Infosec Event in 2005 I held a high-level talk on this topic. On the basis of three real-life cases (Web-Site Defacement, Phishing and insufficient log content) I showed what can go wrong when web site owners are not prepared for an incident. The presentation leads to the conclusion that there should be centralized logging, unique identifiers to correlate log files accross application tiers and sufficient verbose log content to accomplish meaningful forensic results. The german version of the slides can be download here.
