AD Enterprise: Support incident response (IR) activities, enforce policies and conduct investigations spanning computer misuse and employee misconduct while reducing overhead.
AD Enterprise supports the requirements of law enforcement, private sector and forensic practitioners everywhere with a battle-tested solution. Built on our proven digital forensics processing engine, Forensic Toolkit (FTK®), AD Enterprise is the solution of choice for more than 2000 global clients. Enforce compliance and remediate damage by scanning thousands of endpoints for unapproved processes, and where applicable, kill specific processes and initiate batch remediation on either a single machine or multiple endpoints across an organization’s entire infrastructure.
An intuitive incident response console, secure batch remediation, unsurpassed searching and filtering, and comprehensive logging and reporting are just a few of the reasons AD Enterprise is the investigative tool of choice for data breach and IT security investigators around the globe.
The ability to forensically analyze multiple computers across your enterprise simultaneously is critical when performing root cause analysis and internal investigations. Furthermore, proactive use of this technology allows you to detect threats that have circumvented the typical signature-based tools, such as antivirus, intrusion detection and other alerting systems.
The depth, breadth and ease-of-use of the forensic/investigative features of AD Enterprise enable IT security staff and investigators to harness the power of a database-powered analysis engine for more efficient, effective and sound investigations. The external consulting costs, state and federal regulatory risks and disruptions to day-to-day operations associated with the traditional methods of forensic-level investigations, e-discovery and incident response can handicap corporations of any size without the proper solutions and training.
X-Ways Capture is a specialized computer forensics tool for the evidence collection phase of a forensic investigation which captures Windows and Linux live systems.
It gathers all data from the running computer, e.g. onto an external USB hard disk, so that during the analysis even encrypted or otherwise protected data can be examined if it was unlocked at the point in time when the system was acquired.
EnCase Cybersecurity is a unique solution designed to expose and mitigate internal and external risks and threats which evade traditional information security solutions. Understand at the deepest levels what is occurring on your endpoints and ensure 100% visibility into unstructured and volatile data across the enterprise. The powerful cyberforensic capabilities of EnCase Cybersecurity are designed to bring accurate and rapid closure to any incident.
EnCase Endpoint Investigator is a powerful and easy to use remote investigation solution.
Thoroughly search, collect, preserve, and analyze data from laptops, servers, workstations, and virtually any other endpoint in your organization, even when they are not connected to the network, without disrupting your day-to-day operations.
Block Malicious DNS Call-backs
CrowdStrike Falcon DNS leverages anomaly detection and our proprietary threat intelligence to protect your network from targeted attacks by identifying and blocking malicious DNS call-backs.
Detect Respond Reveal
Falcon Host is an endpoint threat detection and response product that identifies unknown malware, detects zero-day threats, and prevents damage from targeted attacks in real-time. Integrates with existing security architecture and SIEM tools through Falcon Host APIs. No on-premises equipment needed, reducing overall total cost of ownership.
Endpoint Activity Monitoring & Real-time Forensics. CrowdStrike Falcon Host supports Microsoft Windows and Mac workstations and servers.
Forensic Toolkit® (FTK®): Recognized around the World as the Standard Digital Forensic Investigation Solution.
FTK is a court-cited digital investigations platform built for speed, stability and ease of use. It provides comprehensive processing and indexing up front, so filtering and searching is faster than with any other product. This means you can “zero-in” on the relevant evidence quickly, dramatically increasing your analysis speed. Furthermore, because of its architecture, FTK can be set up for distributed processing and can incorporate web-based case management and collaborative analysis.
Internet Password Breaker instantly reveals Internet passwords and recovers login and password information that protects various Web resources and mailboxes in different e-mail clients.
Cloud-based Managed Services - Identify Advanced Malware and Adversary Activity
CrowdStrike's Falcon Managed Protect provides cutting-edge advanced adversary intrusion detection services.
- Leading Intelligence
- Cutting Edge Technologies
- World-class Analysts
- Prioritized Service Delivery
P2 Commander utilises Paraben's advanced plug-in architecture to create specialised engines that focus on such things as E-mail, Network E-mail, Chat Logs, File Sorting, Internet file analysis and more, all while increasing the amount of data that can be processed and utilizing resources through multi-threading and task scheduling. P2 Commander runs effectively with lower hardware requirements than you thought possible.
SoftBlock is a kernel-based forensic write-blocking tool that quickly identifies devices upon connection, and depending on user preference, mounts them in either a forensically sound read-only manner or a conventional read-write configuration. This product is designed for both large scale forensic lab environments as well as for individual investigators where the need is to preview and analyse one or more evidentiary devices.
Replace or recover Windows account passwords and forgotten administrator passwords. Need instant access to a locked account? Forgot a rarely used Administrator password? Gain access to that account instantly by simply booting from the Elcomsoft System Recovery Boot CD, or assign administrative privileges to any user account! EFS encryption? Require original account passwords? Perform a quick attack or retrieve password hashes for off-line analysis!
Elcomsoft Wireless Security Auditor allows network administrators to verify how secure a company’s wireless network is by executing an audit of accessible wireless networks. Featuring patent-pending cost-efficient GPU acceleration technologies, Elcomsoft Wireless Security Auditor attempts to recover the original WPA/WPA2-PSK text passwords in order to test how secure your wireless environment is.