alex@runeforensics.com(603) 758-8189

Experience

Digital forensic experience built through casework, investigations, reporting, and testimony.

Rune Forensics is led by Alexander Harbitz, a digital forensic examiner with experience in forensic casework, report writing, testimony, law enforcement investigations, and digital forensics education.

Background

Professional background

Alexander Harbitz is a digital forensic examiner and the founder of Rune Forensics. His work has involved forensic review of mobile devices, computers, cloud records, email evidence, application data, and disputed digital evidence in legal and investigative matters.

His background includes forensic casework, law enforcement investigations, report writing, testimony, and digital forensics education. That experience shapes how Rune Forensics approaches each matter: define the question, preserve the relevant evidence, analyze the source records, document limitations, and explain the findings clearly.

Legal and investigative work

Experience that fits legal and investigative work

Casework and evidence review

Digital evidence is reviewed with attention to source data, timing, context, and the limits of the available records. The goal is to answer the relevant question, not to overwhelm the matter with unnecessary technical output.

Reports and testimony

Findings are organized so attorneys, courts, and other reviewers can understand what was reviewed, what was found, what remains uncertain, and what the evidence can reasonably support.

Teaching and explanation

Teaching digital forensics requires translating technical concepts without losing accuracy. That same approach carries into reports, consultations, and testimony preparation.

Certifications

Forensic credentials and professional training.

Certifications matter, but judgment matters more. These credentials reflect training across forensic methodology, mobile evidence, computer evidence, cybersecurity, and investigative review.

ISC2 CISSP certification logo

CISSP

Certified Information Systems Security Professional

ISC2
IACIS CFCE certification logo

CFCE

Certified Forensic Computer Examiner

IACIS
Cellebrite CCME certification logo

CCME

Cellebrite Certified Mobile Examiner

Cellebrite
Magnet Forensics MCFE certification logo

MCFE

Magnet Certified Forensics Examiner

Magnet Forensics
IACIS CMDE certification logo

CMDE

Certified Mobile Device Examiner

IACIS
IACIS CAWFE certification logo

CAWFE

Certified Advanced Windows Forensic Examiner

IACIS
EC Council CHFI certification logo

CHFI

Computer Hacking Forensic Investigator

EC Council
EC Council CEH certification logo

CEH

Certified Ethical Hacker

EC Council

Working method

How this background shapes the work

Scope before tools

The work starts with the question that needs to be answered. Tools help process evidence, but they do not define the scope of the analysis.

Artifacts before conclusions

Important findings are checked against source artifacts, timestamps, metadata, logs, application records, and surrounding context.

Limits stated clearly

Missing data, tool limitations, uncertainty, and alternate explanations are identified when they affect the strength of a conclusion.

Findings written for review

The final work product should be clear enough to use, detailed enough to review, and restrained enough to defend.

Independent review

Need an independent forensic review?

Rune Forensics can review devices, account records, reports, extractions, timelines, and disputed digital evidence.

Request consultation