Volume Shadow Copies (VSCs), in their current incarnation, consist of a technology that has been part of Windows systems in its current incarnation since Vista (VSCs were available in a much more limited form with Windows XP), and yet it’s still not well understood by a good number of forensic analysts. Analysts need a better understanding of how they can access and fully exploit VSCs as part of their examinations. This chapter provides a quick description of VSCs, and then proceeds to demonstrate how an analyst can access the data within VSCs, as well as use the information available in VSCs to their advantage during an examination.