Welcome!

News Feed Item

Advanced Forensic Technologies Uncover Lost and Hidden Evidence Faster Across Computing Devices

The big challenges digital investigators face is the time and effort required to sift through the sheer volume of case data across their devices. They use several third party solutions to handle specific tasks which add greater complexity and resources. AccessData, the leader in incident resolution technology, eliminates some of these challenges with the introduction of Forensic Toolkit (FTK) version 5.1 with native forensic investigative capability of Microsoft’s Volume Shadow Copy (VSC). This new platform allows for advanced integration and enhanced visibility into all digital elements and artifacts to ensure that evidence is not missed.

“With the increase in case work caused by the frequency and complexity of digital investigations, forensic examiners need an easy-to-use platform that enables a quicker path to evidence discovery," said Brian Karney, AccessData’s COO & President. “FTK’s VSC support allows investigators to easily identify and quickly examine ‘digital artifacts’ across different points in time, while leveraging all of the advanced features of FTK.”

Digital investigators using FTK can now quickly examine file system snapshots captured by Microsoft’s Volume Shadow Copy (VSC) technology. Unlike other solutions, FTK gives organizations access to VSC without the need for additional time-consuming manual processes or use of third party tools. This translates into a seamless, more efficient evidence-analysis process, thereby speeding the overall investigation.

"Volume Shadow Copies (VSCs) are extremely useful in digital forensics,” said Neil Broom, Laboratory Director of Technical Resource Center, an American Society of Crime Laboratory Directors (ASCLD) Accredited Lab. “Using VSCs, we have successfully proven that spoliations had been attempted on a hard drive through the use of anti-forensics tools (i.e. CCleaner). After CCleaner was run, the hard drive showed no evidence of the proprietary data we were looking for. After examining the VSCs, we were able to recover destroyed Registry files that proved the proprietary data had been accessed on that computer. The VSCs showed a ‘snapshot-in-time’ of when these files were active on the hard drive and when they were deleted.”

In addition to retrieving metadata for deleted files, VSC analysis with FTK provides a system point-in-time history that serves as a chronology of how documents, user activity, programs and other artifacts have changed over time. For example, this could reveal relevant evidence that resided in a document at some point in the past but was intentionally changed and would not be recoverable any other way – a major stumbling block in digital investigations.

Advanced Geolocation Visualization

FTK also includes evidence geomapping, a new data visualization feature, which allows investigators to see on a map the geographic location of evidence items containing geolocation information. This saves valuable time by providing a visual depiction of where digital activities and actions took place (a digital crime scene reconstruction) that may be used as irrefutable evidence in a case.

Other 5.1 features include:

  • Deeper integration with AccessData’s Password Recovery Toolkit®, industry-leading decryption technology; PRTK®. This integration allows users to right-click on an encrypted file and decrypt it on-the-fly. This option keeps investigators’ workflow simple and allows them to spend more time reviewing evidence instead of manually engaging in the file decryption process.
  • Improved organization of Internet Explorer® 9 Internet artifacts and web page reconstruction. This provides granular groupings of: IE Cache Entries, IE Cookies Entries, IE History Entries, IE Download Entries, and MSIE Recovery Data Entries as well as an integrated semantic keyword expansion capability to help examiners leverage additional keywords that may be related, specific, general or synonymous, enhancing search scope.
  • Support for Microsoft Resilient File System (MS ReFS) found in Windows 8 and Windows Server 2012.

To download FTK 5.1 or learn more about additional features included in the release, please visit www.accessdata.com

About Forensic Toolkit® (FTK®)

Given 5 stars several years running and a recommended designation from SC Magazine, AccessData's flagship product, Forensic Toolkit, has forged a category all its own by delivering a radically different architecture than other forensic tools, more advanced capabilities and a different approach to processing and analysis. The database-driven solution introduced distributed processing, integrated volatile data and memory analysis, the most comprehensive Apple® OS analysis of any other Windows-based forensics product and built-in decryption capabilities. FTK is truly an enterprise-class investigative platform, allowing examiners to remotely preview and acquire computers and handle massive volumes of data with unmatched speed and accuracy.

Additional Resources

FTK 5.1 What’s new? Video

Product Brochures, White Papers Case Studies and Additional Videos

About AccessData

AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers comprehensive, real-time insight, analysis, response and resolution of data incidents, including cyberthreats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events, and overwhelming data variety and volume (i.e. “Big Data”). Over 130,000 users in law enforcement, government agencies, corporations and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://accessdata.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
What is the best strategy for selecting the right offshore company for your business? In his session at 21st Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, will discuss the things to look for - positive and negative - in evaluating your options. He will also discuss how to maximize productivity with your offshore developers. Before you start your search, clearly understand your business needs and how that impacts software choices.
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterprise adopting a hybrid or public cloud needs systems and tools that provide: Agility: ability to deliver applications and services faster, even in complex hybrid environments Easier manageability: enable reliable connectivity with complete oversight as the data center network evolves Greater efficiency: eliminate wasted effort while reducing errors and optimize asset utilization Security: imple...
As people view cloud as a preferred option to build IT systems, the size of the cloud-based system is getting bigger and more complex. As the system gets bigger, more people need to collaborate from design to management. As more people collaborate to create a bigger system, the need for a systematic approach to automate the process is required. Just as in software, cloud now needs DevOps. In this session, the audience can see how people can solve this issue with a visual model. Visual models ha...
High-velocity engineering teams are applying not only continuous delivery processes, but also lessons in experimentation from established leaders like Amazon, Netflix, and Facebook. These companies have made experimentation a foundation for their release processes, allowing them to try out major feature releases and redesigns within smaller groups before making them broadly available. In his session at 21st Cloud Expo, Brian Lucas, Senior Staff Engineer at Optimizely, will discuss how by using...
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. ANSeeN are the measurement electronics maker for X-ray and Gamma-ray and Neutron measurement equipment such as spectrometers, pulse shape analyzer, and CdTe-FPD. For more information, visit http://anseen.com/.
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
Is advanced scheduling in Kubernetes achievable? Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, will answer these questions and demonstrate techniques for implementing advanced scheduling. For example, using spot instances ...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japanese Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ruby Development Inc. builds new services in short period of time and provides a continuous support of those services based on Ruby on Rails. For more information, please visit https://github.com/RubyDevInc.
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, will discuss some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he’ll go over some of the best practices for structured team migrat...
As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere. In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats th...
First generation hyperconverged solutions have taken the data center by storm, rapidly proliferating in pockets everywhere to provide further consolidation of floor space and workloads. These first generation solutions are not without challenges, however. In his session at 21st Cloud Expo, Wes Talbert, a Principal Architect and results-driven enterprise sales leader at NetApp, will discuss how the HCI solution of tomorrow will integrate with the public cloud to deliver a quality hybrid cloud e...
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.