First Post of '08

So, here it is...the first post of 2008 on my blog...what to say, what to say? I'm not a big fan of the "predictions" posts, pontificating on what's going to happen in the coming year. For the most part, who knows? Anything we do see in the media regarding data breaches is...well...tainted by the media, so we're not going to have any idea of the validity of what we're seeing.

Let's do some highlights...

From the perspective of this blog and the subject matter, the highlights for 2007 were the release of Windows Forensic Analysis in May, followed at the end of the year by the release of Perl Scripting for IT Security (the cover on Amazon says "IT", but the book on my bookshelf says "Windows"...it was published by Elsevier).

Another highlight, as it relates to the WFA book, is that Richard Bejtlich posted his Best Books Bejtlich Read in 2007, and ranked WFA #3! High praise, indeed, considering that Richard is a *BSD guy!

Goals I'd like to achieve in the coming year include:
  1. Finish development on Windows memory parsing tools (or at least progress along in the stages....)
  2. Finish development of a Windows Registry preprocessor (basically, extract the Registry hive files from an image and drop them into a "thresher", and the wheat gets separated from the chaff...)
  3. Include more Vista- and Windows 2008-specific data in #1 and #2 above
  4. Do more codification and documentation of frameworks and processes related to my day job; things like live response, CSIRP development, documentation of data extraction and analysis processes for Windows platforms, etc.
I think that's about enough, don't you? Keep the goals achievable...there's nothing like looking back over a year (or a customer engagement!!) and realizing that the goals were too grandiose and voluminous, and simply weren't reached.

If you've got some goals, thoughts or comments that relate to the subject matter of this blog, feel free to post a comment...and have a great 2008!

Addendum:
Andrew Hay's Predictions for '08