News Feed Item
Advanced Forensic Technologies Uncover Lost and Hidden Evidence Faster Across Computing Devices
|By Business Wire
|January 13, 2014 02:22 PM EST
The big challenges digital investigators face is the time and effort
required to sift through the sheer volume of case data across their
devices. They use several third party solutions to handle specific tasks
which add greater complexity and resources. AccessData,
the leader in incident resolution technology, eliminates some of these
challenges with the introduction of Forensic
Toolkit (FTK) version 5.1 with native forensic investigative
capability of Microsoft’s Volume Shadow Copy (VSC). This new platform
allows for advanced integration and enhanced visibility into all digital
elements and artifacts to ensure that evidence is not missed.
“With the increase in case work caused by the frequency and complexity
of digital investigations, forensic examiners need an easy-to-use
platform that enables a quicker path to evidence discovery," said Brian
Karney, AccessData’s COO & President. “FTK’s VSC support allows
investigators to easily identify and quickly examine ‘digital artifacts’
across different points in time, while leveraging all of the advanced
features of FTK.”
Digital investigators using FTK can now quickly examine file system
snapshots captured by Microsoft’s Volume Shadow Copy (VSC) technology.
Unlike other solutions, FTK gives organizations access to VSC without
the need for additional time-consuming manual processes or use of third
party tools. This translates into a seamless, more efficient
evidence-analysis process, thereby speeding the overall investigation.
"Volume Shadow Copies (VSCs) are extremely useful in digital forensics,”
said Neil Broom, Laboratory Director of Technical Resource Center, an
American Society of Crime Laboratory Directors (ASCLD) Accredited Lab.
“Using VSCs, we have successfully proven that spoliations had been
attempted on a hard drive through the use of anti-forensics tools (i.e.
CCleaner). After CCleaner was run, the hard drive showed no evidence of
the proprietary data we were looking for. After examining the VSCs, we
were able to recover destroyed Registry files that proved the
proprietary data had been accessed on that computer. The VSCs showed a
‘snapshot-in-time’ of when these files were active on the hard drive and
when they were deleted.”
In addition to retrieving metadata for deleted files, VSC analysis with
FTK provides a system point-in-time history that serves as a chronology
of how documents, user activity, programs and other artifacts have
changed over time. For example, this could reveal relevant evidence that
resided in a document at some point in the past but was intentionally
changed and would not be recoverable any other way – a major stumbling
block in digital investigations.
Advanced Geolocation Visualization
FTK also includes evidence geomapping, a new data visualization feature,
which allows investigators to see on a map the geographic
location of evidence items containing geolocation information. This
saves valuable time by providing a visual depiction of where digital
activities and actions took place (a digital crime scene reconstruction)
that may be used as irrefutable evidence in a case.
Other 5.1 features include:
Deeper integration with AccessData’s Password Recovery Toolkit®, industry-leading
decryption technology; PRTK®. This integration allows
users to right-click on an encrypted file and decrypt it on-the-fly.
This option keeps investigators’ workflow simple and allows them to
spend more time reviewing evidence instead of manually engaging in the
file decryption process.
Improved organization of Internet Explorer® 9 Internet artifacts and
web page reconstruction. This provides granular groupings of: IE
Cache Entries, IE Cookies Entries, IE History Entries,
IE Download Entries, and MSIE Recovery Data Entries as
well as an integrated semantic keyword expansion capability to help
examiners leverage additional keywords that may be related, specific,
general or synonymous, enhancing search scope.
Support for Microsoft Resilient File System (MS ReFS) found in Windows
8 and Windows Server 2012.
FTK 5.1 or learn more about additional
features included in the release, please visit www.accessdata.com
About Forensic Toolkit® (FTK®)
Given 5 stars several years running and a recommended designation from SC
Magazine, AccessData's flagship product, Forensic Toolkit, has
forged a category all its own by delivering a radically different
architecture than other forensic tools, more advanced capabilities and a
different approach to processing and analysis. The database-driven
solution introduced distributed processing, integrated volatile data and
memory analysis, the most comprehensive Apple® OS analysis of any other
Windows-based forensics product and built-in decryption capabilities.
FTK is truly an enterprise-class investigative platform, allowing
examiners to remotely preview and acquire computers and handle massive
volumes of data with unmatched speed and accuracy.
5.1 What’s new? Video
Brochures, White Papers Case Studies and Additional Videos
AccessData Group makes the world’s most advanced and intuitive incident
resolution solutions. AccessData technology delivers comprehensive,
real-time insight, analysis, response and resolution of data incidents,
including cyberthreats, insider threats, mobile and BYOD risk, GRC
(Governance Risk & Compliance) and eDiscovery events, and overwhelming
data variety and volume (i.e. “Big Data”). Over 130,000 users in law
enforcement, government agencies, corporations and law firms around the
world rely on AccessData software to protect them against the risks
present in today’s environment of continuous compromise. http://accessdata.com.
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
Aug. 30, 2016 08:15 PM EDT Reads: 2,469
Qosmos has announced new milestones in the detection of encrypted traffic and in protocol signature coverage.
Qosmos latest software can accurately classify traffic encrypted with SSL/TLS (e.g., Google, Facebook, WhatsApp), P2P traffic (e.g., BitTorrent, MuTorrent, Vuze), and Skype, while preserving the privacy of communication content. These new classification techniques mean that traffic optimization, policy enforcement, and user experience are largely unaffected by encryption. In respect wit...
Aug. 30, 2016 08:00 PM EDT Reads: 1,910
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Aug. 30, 2016 08:00 PM EDT Reads: 2,019
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming.
For more information, visit http://www.pulzzesystems.com.
Aug. 30, 2016 07:15 PM EDT Reads: 314
There is growing need for data-driven applications and the need for digital platforms to build these apps.
In his session at 19th Cloud Expo, Muddu Sudhakar, VP and GM of Security & IoT at Splunk, will cover different PaaS solutions and Big Data platforms that are available to build applications.
In addition, AI and machine learning are creating new requirements that developers need in the building of next-gen apps. The next-generation digital platforms have some of the past platform needs a...
Aug. 30, 2016 07:00 PM EDT Reads: 921
Data is an unusual currency; it is not restricted by the same transactional limitations as money or people. In fact, the more that you leverage your data across multiple business use cases, the more valuable it becomes to the organization. And the same can be said about the organization’s analytics.
In his session at 19th Cloud Expo, Bill Schmarzo, CTO for the Big Data Practice at EMC, will introduce a methodology for capturing, enriching and sharing data (and analytics) across the organizati...
Aug. 30, 2016 06:15 PM EDT Reads: 343
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open.
Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Aug. 30, 2016 05:45 PM EDT Reads: 3,589
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data.
In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
Aug. 30, 2016 05:00 PM EDT Reads: 896
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time.
In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, wil...
Aug. 30, 2016 04:15 PM EDT Reads: 967
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago.
All major researchers estimate there will be tens of billions devices - comp...
Aug. 30, 2016 03:30 PM EDT Reads: 3,776
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH.
Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
Aug. 30, 2016 03:00 PM EDT Reads: 858
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
Aug. 30, 2016 02:30 PM EDT Reads: 957
SYS-CON Events announced today Telecom Reseller has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
Aug. 30, 2016 02:30 PM EDT Reads: 1,043
SYS-CON Events announced today that Adobe has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York.
Adobe is changing the world though digital experiences. Adobe helps customers develop and deliver high-impact experiences that differentiate brands, build loyalty, and drive revenue across every screen, including smartphones, computers, tablets and TVs. Adobe content solutions are used daily by millions of co...
Aug. 30, 2016 02:00 PM EDT Reads: 3,794
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement.
In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
Aug. 30, 2016 01:45 PM EDT Reads: 675