Matthieu Regnery is a former Digital Forensic Specialist at Grayshift and current Principal Forensic Engineer. He is a subject matter expert in Mobile Forensics, and a registered expert witness in France. Prior to joining Grayshift, Regnery spent eight years in the French Gendarmerie as a digital forensic examiner and head of their data extraction lab. He joined the Facebook abuse team and founded his own company to conduct justice and law enforcement examinations.
In his interview, Regnery discusses the extreme pace of evolution in digital forensics, how to keep up, and the importance of bringing passion and curiosity to your digital forensics role day in and day out.
- It’s obvious you’re a #nerdcop. What’s your favorite type of technology you love to use every day?
I enjoy understanding how to recover data, especially when it is hidden, encrypted, or obfuscated. I use everything that might help achieve that: extraction tool to start with, python script, decompiler, debugger, etc.
- When you were a digital forensic investigator, what types of cases did you typically encounter?
Every type of case from terror or homicide to white collar fraud, credit card cloning, burglaries, assaults, child abuse material, narcotics, organized groups trafficking, and so on.
- Is there an example of a case you investigated with GrayKey? Can you tell us how GrayKey could have helped?
I did not have a chance to use GrayKey during my time in the National Gendarmerie Lab, but I heard of it early on and did everything to make the purchase happen. GrayKey would have been helpful in several cases, where we did not have support with the other tools.
- What is one thing you wish people understood about the job?
I wish people would understand the extreme pace of evolution in this field. We must always keep up with technologies, applications, support, and capabilities. Therefore, the time spent on a case is usually more important than other traditional forensics and the time spent on training, R&D, or technological intelligence.
- What was the most challenging crime you would have solved with GrayKey?
As a former member of a central lab, we could have helped with several investigations if we had GrayKey at the time. The good side of not having the tools is that it challenges your mind. We researched and developed internal capabilities and gave some time to build new procedures for device preservation.
- What challenges did you regularly face as a mobile forensics examiner?
Locked, encrypted, and damaged phones – I always had to deal with the most challenging phones, their condition, or their data security. I can also say that preserving the custody chain and logging case information is both critical and challenging.
- What advice would you give new digital forensic specialists to help them overcome similar challenges?
Patience, energy and curiosity! Use your brain, test (a lot) and break things (you can ask my former team 😛).
- What do you know now that you wish you knew when first starting out?
How to manage my bosses, my battles, and my expectations! (Maybe I still miss some…)
- What’s a secret about one of your teammates that most people don’t know but should?
Secrets are secret 😛
- What superpower do you bring to Grayshift?
Contact us to learn more about the availability of Grayshift technology – like GrayKey and ArtifactIQ by Grayshift – for local, state, and federal law enforcement in your corner of the world.
Other resources you might be interested in:
- The Investigators Corner (login credentials required/can be requested)
- A Beginner’s Guide to Building and Funding a Mobile Device Forensics Lab
- Simplifying The Digital Forensics Analysis Workflow
- Full Access to Braden Thomas and Scott Hettinger on ArtifactIQ by Grayshift
© 2022. Grayshift, LLC. All rights reserved. Proprietary and confidential.