También se denomina “ciencia forense informática”. Cuando se trata de la seguridad de la información, se refiere a la aplicación de herramientas de investigación y técnicas de análisis para recolectar evidencia a partir de recursos informáticos a fin de determinar la causa del riesgo de los datos.

http://es.pcisecuritystandards.org

El análisis forense es una metodología de estudio ideal para el análisis posterior de incidentes, mediante el cual se trata de reconstruir cómo se ha penetrado en el sistema, a la par que se valoran los daños ocasionados. Si los daños han provocado la inoperabilidad del sistema, el análisis se denomina análisis postmortem.

http://es.wikipedia.org/wiki/Auditor%C3%ADa_de_seguridad_de_sistemas_de_informaci%C3%B3n

The application of the scientific method to digital media to establish factual information for judicial review.

Scope Note: This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities As a discipline it combines elements of la and have been used for illegal or unauthorized activities. As a discipline, it combines elements of law and computer science to collect and analyze data from information systems (e.g., personal computers, networks, wireless communication and digital storage devices) in a way that is admissible as evidence in a court of law.

ISACA, Cybersecurity Glossary, 2014

The process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in any legal proceedings

ISACA, Cybersecurity Glossary, 2014

The process of collecting, assessing, classifying and documenting digital evidence to assist in the identification of an offender and the method of compromise

ISACA, Cybersecurity Glossary, 2014

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. [CNSSI_4009:2010]

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. [CNSSI_4009:2010]

An accurate bit-for-bit reproduction of the information contained on an electronic device or associated media, whose validity and integrity has been verified using an accepted algorithm. [CNSSI_4009:2010]

The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data. [NIST-SP800-61:2004]

Also referred to as “computer forensics.” As it relates to information security, the application of investigative tools and analysis techniques to gather evidence from computer resources to determine the cause of data compromises.

https://www.pcisecuritystandards.org/security_standards/glossary.php

Computer forensics is application of the scientific method to digital media in order to establish factual information for judicial review. This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. Mostly, computer forensics experts investigate data storage devices, either fixed like hard disks or removable like compact disks and solid state devices. Computer forensics experts:

·         Identify sources of documentary or other digital evidence.

·         Preserve the evidence.

·         Analyze the evidence. Present the findings.

Computer forensics is done in a fashion that adheres to the standards of evidence that are admissible in a court of law.

http://en.wikipedia.org/wiki/Computer_forensics

The intelligence resulting from the integration of scientifically examined materials and other information to establish full characterization, attribution, and the linkage of events, locations, items, signatures, nefarious intent, and persons of interest. Also called FEI. [JP2-0:2013]

Également dénommé «expertise judiciaire en informatique». S’appliquant à la sécurité des informations, les outils d’investigation et de techniquesd’analysepermettent de rassembler des preuves à partir des ressources informatiques afin de déterminer la cause de la compromission des données.

http://fr.pcisecuritystandards.org/