The Alexiou Principle

October 29, 2020 in Forensic Analysis, Preaching

I very rarely republish content of other blogs, but today, for many reasons really, I feel obliged to republish one of the most relevant DFIR posts ever: The Alexiou Principle by Chris Pogue.

The 4 questions that form The Alexiou Principle are absolutely perfect:

  1. What question are you trying to answer?
  2. What data do you need to answer that question?
  3. How do you extract that data?
  4. What does that data tell you?

If you are starting your DFIR journey, or are a seasoned DFIR professional these questions will remain a mantra that you will follow, one way or another.

Embrace them.

