Welcome!

News Feed Item

Advanced Forensic Technologies Uncover Lost and Hidden Evidence Faster Across Computing Devices

The big challenges digital investigators face is the time and effort required to sift through the sheer volume of case data across their devices. They use several third party solutions to handle specific tasks which add greater complexity and resources. AccessData, the leader in incident resolution technology, eliminates some of these challenges with the introduction of Forensic Toolkit (FTK) version 5.1 with native forensic investigative capability of Microsoft’s Volume Shadow Copy (VSC). This new platform allows for advanced integration and enhanced visibility into all digital elements and artifacts to ensure that evidence is not missed.

“With the increase in case work caused by the frequency and complexity of digital investigations, forensic examiners need an easy-to-use platform that enables a quicker path to evidence discovery," said Brian Karney, AccessData’s COO & President. “FTK’s VSC support allows investigators to easily identify and quickly examine ‘digital artifacts’ across different points in time, while leveraging all of the advanced features of FTK.”

Digital investigators using FTK can now quickly examine file system snapshots captured by Microsoft’s Volume Shadow Copy (VSC) technology. Unlike other solutions, FTK gives organizations access to VSC without the need for additional time-consuming manual processes or use of third party tools. This translates into a seamless, more efficient evidence-analysis process, thereby speeding the overall investigation.

"Volume Shadow Copies (VSCs) are extremely useful in digital forensics,” said Neil Broom, Laboratory Director of Technical Resource Center, an American Society of Crime Laboratory Directors (ASCLD) Accredited Lab. “Using VSCs, we have successfully proven that spoliations had been attempted on a hard drive through the use of anti-forensics tools (i.e. CCleaner). After CCleaner was run, the hard drive showed no evidence of the proprietary data we were looking for. After examining the VSCs, we were able to recover destroyed Registry files that proved the proprietary data had been accessed on that computer. The VSCs showed a ‘snapshot-in-time’ of when these files were active on the hard drive and when they were deleted.”

In addition to retrieving metadata for deleted files, VSC analysis with FTK provides a system point-in-time history that serves as a chronology of how documents, user activity, programs and other artifacts have changed over time. For example, this could reveal relevant evidence that resided in a document at some point in the past but was intentionally changed and would not be recoverable any other way – a major stumbling block in digital investigations.

Advanced Geolocation Visualization

FTK also includes evidence geomapping, a new data visualization feature, which allows investigators to see on a map the geographic location of evidence items containing geolocation information. This saves valuable time by providing a visual depiction of where digital activities and actions took place (a digital crime scene reconstruction) that may be used as irrefutable evidence in a case.

Other 5.1 features include:

  • Deeper integration with AccessData’s Password Recovery Toolkit®, industry-leading decryption technology; PRTK®. This integration allows users to right-click on an encrypted file and decrypt it on-the-fly. This option keeps investigators’ workflow simple and allows them to spend more time reviewing evidence instead of manually engaging in the file decryption process.
  • Improved organization of Internet Explorer® 9 Internet artifacts and web page reconstruction. This provides granular groupings of: IE Cache Entries, IE Cookies Entries, IE History Entries, IE Download Entries, and MSIE Recovery Data Entries as well as an integrated semantic keyword expansion capability to help examiners leverage additional keywords that may be related, specific, general or synonymous, enhancing search scope.
  • Support for Microsoft Resilient File System (MS ReFS) found in Windows 8 and Windows Server 2012.

To download FTK 5.1 or learn more about additional features included in the release, please visit www.accessdata.com

About Forensic Toolkit® (FTK®)

Given 5 stars several years running and a recommended designation from SC Magazine, AccessData's flagship product, Forensic Toolkit, has forged a category all its own by delivering a radically different architecture than other forensic tools, more advanced capabilities and a different approach to processing and analysis. The database-driven solution introduced distributed processing, integrated volatile data and memory analysis, the most comprehensive Apple® OS analysis of any other Windows-based forensics product and built-in decryption capabilities. FTK is truly an enterprise-class investigative platform, allowing examiners to remotely preview and acquire computers and handle massive volumes of data with unmatched speed and accuracy.

Additional Resources

FTK 5.1 What’s new? Video

Product Brochures, White Papers Case Studies and Additional Videos

About AccessData

AccessData Group makes the world’s most advanced and intuitive incident resolution solutions. AccessData technology delivers comprehensive, real-time insight, analysis, response and resolution of data incidents, including cyberthreats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events, and overwhelming data variety and volume (i.e. “Big Data”). Over 130,000 users in law enforcement, government agencies, corporations and law firms around the world rely on AccessData software to protect them against the risks present in today’s environment of continuous compromise. http://accessdata.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develo...
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that MangoApps will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device.
IoT is rapidly changing the way enterprises are using data to improve business decision-making. In order to derive business value, organizations must unlock insights from the data gathered and then act on these. In their session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, and Peter Shashkin, Head of Development Department at EastBanc Technologies, discussed how one organization leveraged IoT, cloud technology and data analysis to improve customer experiences and effi...
The IETF draft standard for M2M certificates is a security solution specifically designed for the demanding needs of IoT/M2M applications. In his session at @ThingsExpo, Brian Romansky, VP of Strategic Technology at TrustPoint Innovation, explained how M2M certificates can efficiently enable confidentiality, integrity, and authenticity on highly constrained devices.
In today's uber-connected, consumer-centric, cloud-enabled, insights-driven, multi-device, global world, the focus of solutions has shifted from the product that is sold to the person who is buying the product or service. Enterprises have rebranded their business around the consumers of their products. The buyer is the person and the focus is not on the offering. The person is connected through multiple devices, wearables, at home, on the road, and in multiple locations, sometimes simultaneously...
“delaPlex Software provides software outsourcing services. We have a hybrid model where we have onshore developers and project managers that we can place anywhere in the U.S. or in Europe,” explained Manish Sachdeva, CEO at delaPlex Software, in this SYS-CON.tv interview at @ThingsExpo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Let’s face it, embracing new storage technologies, capabilities and upgrading to new hardware often adds complexity and increases costs. In his session at 18th Cloud Expo, Seth Oxenhorn, Vice President of Business Development & Alliances at FalconStor, discussed how a truly heterogeneous software-defined storage approach can add value to legacy platforms and heterogeneous environments. The result reduces complexity, significantly lowers cost, and provides IT organizations with improved efficienc...
"When you think about the data center today, there's constant evolution, The evolution of the data center and the needs of the consumer of technology change, and they change constantly," stated Matt Kalmenson, VP of Sales, Service and Cloud Providers at Veeam Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
In his session at @DevOpsSummit at 19th Cloud Expo, Yoseph Reuveni, Director of Software Engineering at Jet.com, will discuss Jet.com's journey into containerizing Microsoft-based technologies like C# and F# into Docker. He will talk about lessons learned and challenges faced, the Mono framework tryout and how they deployed everything into Azure cloud. Yoseph Reuveni is a technology leader with unique experience developing and running high throughput (over 1M tps) distributed systems with extre...