In cases, where data disappear or spyware is suspected, progressive IT forensic methods are required. Over the past few years, IT forensic/data forensic has developed from a special discipline used for investigation purposes to an important tool for all operators of IT systems.
IT forensic is an important sector using a variety of modern methods for the reconstruction of crimes and resulting in the conviction of the perpetrators.
This makes IT forensic an important tool for any concept dealing with computer security of a company. Decisive parts or sections of the forensic process are
In IT forensic, there is a general differentiation between post mortem analysis (offline forensic) and live forensic (online forensic). Any analysis using forensic requires a predefined process of incident handling.