Together with the development of information systems and technologies, there is a significant change in the global security environment. Cyberspace has become a major area of massive crime in recent years. The protection of privacy, freedom, property and other intellectual values is of interest to any subject involved. Different protection of the perimeter and the endpoints are invariably invested, but in essence, most of them without any subsequent internal prevention steps. Classical or reincarnated paradigms of security largely "degrade" forensic analysis to investigate a security incident. The aim is to prevent a security incident and not only to deal with the consequences afterwards. Considering the strength of forensic analysis, we consider constructively guided forensic analysis as a significant form of proactive protection and security of the environment.