Emails on a cloud email server are often just as vulnerable to tampering as local messages. With a few clicks, an end-user can replace the original message on the email server with an altered copy. What can investigators do to detect red flags and authenticate messages acquired from servers? In this session, we’ll discuss what data points you need to collect from an email
server to authenticate emails, why you should consider preserving emails from multiple sources, and how you can be more confident in your findings by combining server metadata with the information found within the message.

Arman Gungor (@ArmanGungor), CEO, Metaspike

свернуть