Phil Hagen’s Post

View profile for Phil Hagen, graphic
Phil Hagen

Timestamps, timestamps, timestamps. You may not realize just HOW MANY different formats these critical pieces of forensic evidence can come in! In my latest video, we explore a few of them, and talk about which one you may want to gravitate toward for your logs and other evidence. https://lnkd.in/eAqpWMsg

DFIR Fundamentals - Timestamp Formats

https://www.youtube.com/

Sammy B.

CISO @ Careful Security | CISSP, CISA, GPEN

1mo

Phil Hagen, your video on timestamps is spot on! In the world of cybersecurity, especially when dealing with security monitoring and regulatory compliance, understanding the nuances of timestamp formats is crucial. Great insights!

Like
Reply
Greg Smith - MTEB, IDF, UNI

Management: Research, Management, Governance, Board, Communications Networks, Digital, Mobile, Forensics & Telecoms.

1mo

Provided of course keeping up with updates is also taken into consideration see RFC9557:2024 https://www.rfc-editor.org/rfc/rfc9557

Like
Reply
2 Reactions
Brad Knowles

Sr. Systems Engineer at Applied Digital (APLD)

1mo

ISO 8601 is pretty complex, with all the various different options. Do you recommend something simpler? Like maybe RFC-3339 (see https://www.rfc-editor.org/rfc/rfc3339)?

Like
Reply
Aleksandra Gehrke

Manager | Digital Forensics & Incident Response at Deloitte GmbH | GCFA | GIAC Advisory Board

1mo

Oh man, I realize. 😆 I wrote my thesis on timestamps (within and across various OS) several years ago 😆 🙄

Like
Reply
1 Reaction
See more comments

To view or add a comment, sign in

More Relevant Posts

Phil Hagen

3,437 followers

View Profile

Explore topics