10 ChAPTER 1: Foundations of Digital Forensics Balancing thoroughness with haste is a demanding challenge. Tools that are designed for detecting malicious activity on computer networks are rarely designed with evidence collection in mind. Some organizations are attempting to address this disparity by retrofitting their existing systems to address authen- tication issues that arise in court. Other organizations are implementing addi- tional systems specifically designed to secure digital evidence, popularly called Network Forensic Analysis Tools (NFATs). Both approaches have shortcomings that are being addressed gradually as software designers become more familiar with issues relating to digital evidence. Bearing in mind that criminals are also concerned with digital evidence and will attempt to manipulate computer systems to avoid apprehension, digital investigators cannot simply rely on what is written in this book to process digi- tal evidence and must extend the lessons to new situations. And so, in addi- tion to presenting specific techniques and examples, this text provides general concepts and methodologies that can be applied to new situations with some thought and research on the part of the reader.