Digital Forensics

Courses + Certifications
In partnership With
  • FAQ
  • Courses
  • Certifications
  • Careers
  • Jobs
  • Companies
  • Skills
  • Articles

What is digital forensics?

Digital forensics is the process of preservation, identification, extraction and documentation of evidence contained within a computer that can be used as evidence in a variety of contexts: courts of law, for commercial practices such as hard drive data recovery or in the government sector for internal investigations and intelligence. Digital forensics is an expanding field that is becoming increasingly necessary as devices grow in storage capabilities, the internet expands, and encryption methods become stronger, further increasing the ability of cybercriminals to obscure evidence.

What does digital forensics include?
Answer Part 1

Digital forensics includes five steps: identification, preservation, analysis, documentation and presentation.

Answer Part 2

The methodology behind digital forensics includes five steps, enabling evidence to be gathered in a manner that makes it admissible within a court of law. 

  • The first step of the forensic process is identification, which takes inventory of the evidence that is present, including where and how this evidence is stored, such as within a personal computer or mobile phone.
  • The second step is preservation, where data is isolated, secured and preserved to prevent the use of any digital devices for evidence that may be present or tampered with.
  • Analysis is the next step, which reconstructs fragments of data to draw conclusions presented by the evidence. This may require multiple iterations to ensure the evidence supports specific theories.
  • The documentation step is when records of data are created so evidence can be properly catalogued and presented when needed.
  • Finally, the presentation step is to summarize and explain conclusions drawn from the evidence in layperson’s terms.
Is digital forensics a good career?
Answer Part 1

A digital forensics degree can open doors to a rewarding career in a time when demand is at an all-time high.

Answer Part 2

Digital forensics is a rewarding career that offers an opportunity to make a difference by uncovering evidence that may identify a cybercriminal. Digital forensics scientists are critical to advancing the cybersecurity landscape by identifying weaknesses in security methods and potential threats brought on by cybercriminals, helping pave the way for new legislation and penalties in response to these crimes.

In addition to the holistic rewards offered by a career in digital forensics, the average salary for a digital forensic analyst in the United States is $75,130 per year, according to Glassdoor. Digital forensic analysts within the top percentile reported making $115K per year, while the lowest percentile reported making $49K per year. For more information regarding tech salaries within the United States, check out Built In's user-submitted salaries.

What does a digital forensic do?
Answer Part 1

Digital forensic scientists help investigate digital crimes and analyze digital evidence contained within various devices.

Answer Part 2

Digital forensic scientists are critical to solving crime in an era where digital environments make up an increasing amount of daily life. Experts in digital forensics may be involved in gathering evidence on criminal activities ranging from network hacking to identity theft to online predatory activities aimed at children, providing a pathway for creating real-world change. Digital forensics scientists may dedicate themselves to a specific sector of criminal activity or work on a variety of cases, with investigations taking weeks, months or sometimes even years.


Cybersecurity Courses to Boost Your Capabilities

In partnership with

Find digital forensics training and more through top-rated cybersecurity courses on Udemy.


A computer forensic guide for understanding LINK file evidence on Windows computer systems


What you'll learn:

  • Learn how to interpret LINK files on Windows 7…



An introduction for legal professionals and other individuals with an interest in computer forensics


What you'll learn:

  • Know what type of permission is needed to…



Digital forensic as it applies to pentesting and conducting a digital forensic investigative response.


What you'll learn:

  • How to forensically image devices.…



Learn how an analyze Windows prefetch evidence


What you'll learn:

  • Understand what the Windows Prefetch artifact is

  • Be able to explain the…


Looking to level up your Digital Forensics career? Subscribe to Built In.


Careers Related to Digital Forensics


Latest Cybersecurity Jobs


Companies Hiring Cybersecurity Professionals

All Course + Certification Topics