Simply Defensive

Building Forensics Tools That Last | Brian Carrier (Autopsy, Sleuth Kit)



Josh Mason and Wade Wells sit down with Brian Carrier, the creator of Sleuth Kit and Autopsy, two of the most widely used digital forensics tools in the world. They dig into how Brian got his start in the early days of computer forensics, how open source shaped his career, and what he’s building now with Cyber Triage.

From stories about government funding and tool rewrites to the evolving balance between open source and commercial software, this episode is packed with insight for blue teamers, DFIR pros, and anyone who cares about investigation tooling that actually works.

Watch to hear:

  • The 25-year evolution of Sleuth Kit & Autopsy
  • How Cyber Triage simplifies investigations for SOCs
  • The tradeoffs between open source and commercial tools
  • What Brian sees next in AI-driven forensics


⏱️ Timestamps:
 00:00 Introduction and Guest Introduction
 00:15 Brian Carrier's Journey with Sleuth Kit and Autopsy
 02:06 Evolution and Funding of Autopsy
 06:52 Open Source vs. Commercial Software
 10:16 Future Roadmap and Innovations
 14:16 Autopsy and Cyber Triage for Blue Teamers
 16:24 Challenges in EDR and SOC Analysis
 16:41 Investigative Process and Clues
 17:18 Handling Noisy Data in EDR
 17:49 Importance of Tracing Malware
 18:28 Deploying Additional Collectors
 19:25 Feedback from the Community
 21:21 Cyber Insurance and Incident Response
 23:34 Automation in Forensics
 28:41 Advice for Blue Teamers
 30:12 Conclusion and Final Thoughts

Links:
 🎧 Listen on Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
🍎 Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1668519478
💻 Learn more about Sleuth Kit: https://sleuthkit.org/
🔍 Try Autopsy: https://www.autopsy.com/
🧠 Explore Cyber Triage: https://www.cybertriage.com/

Connect with Brian:
👤 Brian Carrier on LinkedIn: https://www.linkedin.com/in/brian-carrier-169243/
🏢 Sleuth Kit / Basis Technology on LinkedIn: https://www.linkedin.com/company/basis-technology/
💼 Cyber Triage on LinkedIn: https://www.linkedin.com/company/cyber-triage/

Don't forget to like, subscribe, and hit the bell icon for more blue team content!


🔗 Follow the hosts:
Josh Mason: https://www.linkedin.com/in/joshuacmason/
Wade Wells: https://www.linkedin.com/in/wadingthrulogs/

💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive


🎙️ More Simply Defensive
- Full playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4
- Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
- Apple Podcasts: https://podcasts.apple.com/il/podcast/simply-defensive/id1773806182

👍 If you enjoyed this episode, don’t forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity leaders.

=========================
Sponsored by @ThreatLocker - Free 30-day trial visit:
https://www.threatlocker.com/simplydefensive
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
This podcast is presented by Simply Cyber Media Group
