Efficiently and seamlessly conduct enterprise-wide search, targeted collection, systemized preservation, litigation hold, processing, data assessment and complete legal review – all while keeping costs in line and reducing risk.
AD Enterprise: Support incident response (IR) activities, enforce policies and conduct investigations spanning computer misuse and employee misconduct while reducing overhead.
AD Enterprise supports the requirements of law enforcement, private sector and forensic practitioners everywhere with a battle tested solution. Built on our proven digital forensics processing engine, Forensic Toolkit (FTK®), AD Enterprise is the solution of choice for more than 2000 global clients. Enforce compliance and remediate damage by scanning thousands of endpoints for unapproved processes, and where applicable, kill specific processes and initiate batch remediation on either a single machine or multiple endpoints at across an organization’s entire infrastructure.
An intuitive incident response console, secure batch remediation, unsurpassed searching and filtering, and comprehensive logging and reporting are just a few of the reasons AD Enterprise is the investigative tool of choice for data breach and IT security investigators around the globe.
The ability to forensically analyze multiple computers across your enterprise simultaneously is critical when performing root cause analysis and internal investigations. Furthermore, proactive use of this technology allows you to detect threats that have circumvented the typical signature-based tools, such as antivirus, intrusion detection and other alerting systems.
The depth, breadth and ease-of-use of the forensic/investigative features of AD Enterprise enables IT security staff and investigators to harness the power of a database powered analysis engine for more efficient, effective and sound investigations. The external consulting costs, state and federal regulatory risks and disruptions to day to day operations associated with the traditional methods of forensic-level investigations, e-discovery and incident response can handicap corporations of any size without the proper solutions and training.
AD Lab: Reducing case backlogs through distributed processing and collaborative analysis.
AccessData Lab is a centralized investigative platform that enables division of labor, collaborative analysis, centralized case management and web-based review, thereby dramatically streamlining the investigative process. Furthermore, AD Lab enables distributed processing, allowing investigators to utilize additional hardware to dramatically increase their case processing and resolution speed.
Forensic Toolkit® (FTK®): Recognized around the World as the Standard Digital Forensic Investigation Solution.
FTK is a court-cited digital investigations platform built for speed, stability and ease of use. It provides comprehensive processing and indexing up front, so filtering and searching is faster than with any other product. This means you can “zero-in” on the relevant evidence quickly, dramatically increasing your analysis speed. Furthermore, because of its architecture, FTK can be setup for distributed processing and incorporate web-based case management and collaborative analysis.
Setting the Bar for Legal Review Software since 1988
Staying true to its innovative roots, today’s Summation is the first and only web-based solution that combines native and image ingestion, data processing, early case assessment, case organizer, transcript management and final review in a single platform— entirely eliminating the need for iterative processing, data loading and repetitive review cycles. Offered as a stand-alone, appliance or as a component of AD eDiscovery, Summation covers the post data collection stages of the e-discovery process as well as transcript and case management functionality. All this plus a tool that still addresses the needs of desktop review and heritage Summation users.
Centralize your Forensic Investigation Process
- Centralization of Forensic Data
- Tool Licensing and Asset Management
Belkasoft Evidence Center makes it easy for an investigator to acquire, search, analyze, store and share digital evidence found inside computer and mobile devices. The toolkit will quickly extract digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, JTAG and chip-off dumps. Evidence Center will automatically analyze the data source and lay out the most forensically important artifacts for investigator to review, examine more closely or add to report.
There is a seized hard drive in your lab and you want to find all history files it contains. You do not know which means of communication the suspect was using. This product allows you to search whole hard drives for all supported types of Instant Messengers.
There is a seized hard drive in you lab and you want to find all the history files. You do not know which means of communication the suspect was using. The product allows you to search the whole hard drive for all supported types of history: Instant Messenger chats, Browser URLs history and cookies and various mailboxes.
BlackLightâ„¢ represents the next generation in computer forensics. It was specifically designed to analyse iOS (iPhone and iPad), Mac OS X and Classic (OS 9) data, ensuring the highest levels of accuracy. BlackLightâ„¢ offers users an intuitive platform for carving, searching, analyzing and reporting Mac and iOS data within one application.
SoftBlock is a kernel-based forensic write-blocking tool that quickly identifies devices upon connection, and depending on user preference, mounts them in either a forensically sound read-only manner or a conventional read-write configuration. This product is designed for both large scale forensic lab environments as well as for individual investigators where the need is to preview and analyse one or more evidentiary devices.
Capsa is a portable network analyser for both LAN and WLAN which performs real-time packet capturing, 24/7 network monitoring, advanced protocol analysis, in-depth packet decoding, and automatic expert diagnosis. It provides a comprehensive and high-level visibility to your entire network, helps network administrators or network engineers quickly pinpoint and resolve various application problems, and therefore enhance end user experience and guarantee a productive network environment.
Capsa is a great network tool to help lower IT cost, improve network security, enhance customer service, and be more agile.
|nChronos is a back-in-time network analysis server for high performance & critical enterprise networks. It combines nChronos Console and nChronos Server to deliver the capability of 7*24 continuous packet capturing, unlimited data storage, efficient data mining and in depth traffic analysis.
Forensic in-line USB and Flash Media WriteBlocker
- Easy, write-blocked access to a variety of flash media: SD Cards, CompactFlash, Memory Sticks, and USB thumb drives
- Entirely bus-powered -- no need to carry around a separate AC brick
- Highly portable, with compact lightweight design
- Optional read/write mode
- LEDs for indicating power, mode, and access
- Lifetime toll free tech support and 2-year warranty
|The CRU WriteBlocking Validation Utility provides an easy-to-use method to determine if a hardware writeblocker blocks low-level hard drive commands.|
|Through a significant investment in research and development, we have authored a completely new ground-breaking product, engineered through innovation and fresh thinking.|
NetAnalysis® v2 is a state-of-the-art application for the extraction, analysis and presentation of forensic evidence relating to Internet browser and user activity on computer systems and mobile devices. Our NetAnalysisÂ® suite also includes HstExÂ® v4, and advanced data recovery solution designed to recover deleted browser artefacts which can be imported into, and analysed in NetAnalysis®.
NetAnalysis® v2 is a software product that offers significant improvements over existing applications and methodologies.
|FRED is Digital Inteligence's Forensic Recovery of Evidence Device. The FRED family of forensic workstations are highly integrated, flexible and modular forensic platforms and now include Digital Intelligence's exclusive UltraBay II Write Protected Imaging Bay and Ventilated Imaging Shelf.|
|The SATA LIF Adapter is used to adapt a SATA connection to a 1.8" SATA/LIF hard drive.|
|The Black Hole Data Bag VECTOR Kit is designed to shield wireless devices from RF signals while being examined or charged. The Data Bag is an innovative solution that replaces the need for a hard-sided faraday enclosure. With the new VECTOR addition, capacitive touch screen devices can be operated directly with a finger or with the provided stylus. Touch screen device usage no longer requires extra components like foam pieces or cradles!|
It enables the mounting of EnCase; AccessData FTK;
Forensic File Format;
image files as a drive letter under the Windows file system.
Recover My Files data recovery software will recover deleted files emptied from the Windows Recycle Bin, or lost due to the format or corruption of a hard drive, virus or Trojan infection, unexpected system shutdown or software failure.
Recover deleted digital photographs, video, or music. Recover corrupt camera storage media. Regain access to those valuable memories. Simple and easy to use. Download now and view your lost photos.
A powerful and easy to use remote investigation solution.
Thoroughly search, collect, preserve, and analyze data from laptops, servers, workstations, and virtually any other endpoint in your organization, even when they are not connected to the network, - without disrupting your day-to-day operations.
From the simplest requirements to the most complex. EnCase Forensic gives investigators the ability to image a drive and preserve it in a forensic manner using the EnCase evidence file format (LEF or E01), a digital evidence container vetted by courts worldwide.
|Road Warrior is an entire forensic lab inside a rolling case.|
Powerful Portable Forensic Evidence Seizure, Preview and Analysis System. Validated Speeds of 27GB/min.
The Road Warrior is a forensic portable Lab designed as a High-Speed Forensic Data Acquisition and Analysis Workstation.
The Road Warrior is designed within a Ruggedized case built for the road and equipped with all the necessary tools to Forensically seize data from drives supporting today's most common drive interfaces. With a built-in Tri-Screen and high end processor, the Road Warrior offers the Forensic Investigator a powerful and versatile platform for Forensic Data Seizure and Analysis.
A Bay-Mount Write-Blocker With Unmatched Performance & Interface Support
The WriteProtect™-BAY write-blocker provides secure, read-only, write-blocked access to SAS, SATA, USB3.0, FireWire™, IDE (IDE supported with an adapter) and PCIe M.2 suspect hard drives. Extremely fast performance is powered by a Superspeed USB 3.0 host connection to easily manage large capacity hard drives. The WriteProtect-BAY provides support for 6 different storage technologies in a 5.25”, half-height design that fits into the drive bay of your forensic workstation. Logicube, a pioneer in the digital forensic industry, delivers an easy to use, reliable and professional forensic write-blocking solution.
The Only Portable Write-Blocker That Supports 5 Hard Drive Interfaces In One Device
The WriteProtect™-DESKTOP write-blocker provides secure, read-only, write-blocked access to SAS, SATA, USB3.0, FireWire™, and IDE (IDE supported with an adapter) as well as PCIe M.2 suspect hard drives. Extremely fast performance is powered by a Superspeed USB 3.0 host connection to easily manage large capacity hard drives. The WriteProtect-DESKTOP is the only portable write-blocker on the market that provides support for 6 different storage technologies in one compact device. Logicube, a pioneer in the digital forensic industry, delivers an easy to use, reliable and professional forensic write-blocking solution.
|The ZX-Tower (also known as ZX-T), wipe solution provides secure sanitization of hard disk drives. The ZX-T delivers blazing fast wiping at 24GB/min. The multi-target ZX-T allows organizations to easily wipe up to 8 target hard drives simultaneously and also allows user to wipe up to 4 USB 3.0 enclosures. A simple to use icon-based interface and a 5¡È color touch screen makes it easy to operate for all skill levels. The unit features a secure erase mode, a custom pass wipe setting and a powerful DoD specification 7-pass wipe mode.|
Internet Evidence Finder (IEF) is a digital forensics solution that can search a hard drive, live RAM captures, or files for Internet-related evidence. IEF was designed with digital forensics examiners/ investigators in mind. IEF is also used by IT security professionals, litigation support personnel, incident response teams, cyber security specialists and corporate investigators.
IEF can recover evidence left behind within social networking artifacts, instant messaging chat histories, popular webmail applications, web browsing history, and peer-to-peer file sharing applications.
The Detego® Unified Forensics Platform is a true end-to-end investigation suite for the acquisition, analysis and reporting of any digital assets.
VFC enables investigators to rapidly boot a forensic image of a suspects computer or boot a physical write blocked hard drive.
The investigator can then experience the 'desktop' as seen by the original user in an entirely forensic manner. The investigator can use the suspects computer in a read only virtual environment.
The SuperImager Plus Desktop Forensic Lab Unit - is heavy duty, industrial, multiple sources/ multiple targets, and extremely fast Forensic Imaging unit. The unit is running under Linux Ubuntu OS which is less targeted OS by malware, and it reduces the OS performance overhead, especially when it perform compression, by almost 20%. User can use to the unit to perform: Forensic Imaging with full E01 compression (4:4 native SAS/SATA) , Upload 8 Forensic images to network, Erase data includes DoD/ Security Erase/Enhanced Security Erase, View the data directly on Ubuntu Desktop, Encrypt data, Cellphone/Tablets data Extraction and Analysis, and Full Forensic Analysis like Encase/Nuix/FTK. The Unit can be expanded with optional expansion port or express port to support SCSI and 1394 storage devices.
The unit is designed to help expedite the forensic imaging process, especial in facilities where there is a large backlog in imaging hard disk drives.
Also the unit has a feature that solves 1Gigabit/s port limitation in uploading images to the network. User can upload many Forensic images directly to a local network using 8 equivalent 1Gigabit/s network streams with some optional adapters
Some example of the unit's performances:
- Complete Hash verification operation with SHA-1 enabled on SSD @ 31GB/min, on WD 1TB Blue @10GB/min
- Complete Forensic Imaging 1:2 with SHA-1 enabled on 3 SanDisk Extreme II 120GB SSD @ 29GB/Min
- Forensic Imaging of 1:2 with E01 format with compression level 1 @ 8GB/min (Suspect Drive was full with 50% of random data and the compression rate was 66%)
The Unit Built:
The unit built-in 8" Touchscreen color LCD display, 8 native SAS/SATA ports in an open tray, 6 native USB3.0 ports, e-SATA port, USB2.0 generic port, 1Gigabit Ethernet port.
Quickly Process Large Volumes of Digital Evidence
Nuix Investigator Lab is for organizations looking to set up a dedicated facility that can rapidly ingest and process terabytes of digital evidence per day and make it available for timely analysis.
Our investigation software enables multiple investigators and subject matter experts simultaneously to review and collaborate on an investigation with secure remote access, and produce comprehensive reports on your findings. It includes portable and network collection functionality, a separate Nuix Investigator Workstation license for a laptop or desktop PC and up to two days installation and configuration. The base product comes with five reviewer licenses; additional reviewers and Nuix Web Review & Analytics are also available.
Investigate Large Cases and Complex Data Sources with Speed and Precision
Digital investigations frequently involve large numbers of devices including multiple computers, mobile devices and a variety of digital storage media, as well as difficult-to-access corporate data formats and storage systems.
Nuix’s advanced digital forensics software is engineered to triage, process, analyze and bring to the surface critical evidence bridging entire data sets, regardless of the geographical location, repository, file type or size. In addition, Nuix's electronic evidence software can automatically identify key intelligence items such as email addresses and phone, social security and credit card numbers.
Collaborate Online for Faster Results
This powerful web analytics software delivers fast, collaborative eDiscovery review and true early case assessment from any web browser. It provides secure and compartmentalized access to case data for multiple reviewers, lawyers, subject matter experts and external parties—and it rapidly scales to tens or hundreds of reviewers per case, with no complex databases or tricky client plugins to install.
Nuix Web Review & Analytics makes it easy to provide secure and compartmentalized access to case data for multiple reviewers, investigators, subject matter experts and external parties. It offers seamless integration with Nuix eDiscovery and Nuix Director.
As an examiner, you need a specialized tool to perform a thorough analysis of chat logs. Paraben's Chat Examiner is another specialized component of Paraben's P2 Forensic Collection that adds one more powerful program to your toolkit. Whether your case has ICQ, Yahoo, MSN, Trillian, Skype, Hello, or Miranda you'll be able to handle whatever comes your way. Please note that AOL Instant Messenger (AIM) does not have traditional data stores or logs and therefore will not be supported by Chat Examiner.
|E3:Universal has broken the boundaries of digital evidence with its ability to process any type of digital data. E3:U truly masters the three sides of the digital triangle with file system/hard drive data, smartphone/mobile data, and the new emerging IoT data. For any lab or organization, the ability to have one unified interface and control over process is key for efficiency and consistency.|
P2 Commander utilises Paraben's advanced plug-in architecture to create specialised engines that focus on such things as E-mail, Network E-mail, Chat Logs, File Sorting, Internet file analysis and more all while increasing the amount of data that can be processed and utilizing resources through multi-threading and task scheduling. P2 Commander runs effectively with lower hardware requirements than you thought possible.
Unmatched Acquisition Flexibility – Including PCIe Support!
Digital forensic investigators and examiners need the ability to quickly image many different types of suspect drives in their lab through a reliable, forensically-sound product. The Forensic Universal Bridge is the latest integrated write-blocker from Tableau that supports the following types of storage media:
The First Portable PCIe Forensic Write Blocker
The T7u is the first portable write-blocker that enables forensic acquisition of PCIe SSDs, and is the second Tableau PCIe product offering. With the T7u you will be equipped to handle the vast array of new laptops and tablet computers that are making use of these high performance PCIe hard drives.
|The Tableau Forensic Imager is the latest and greatest from Tableau and functions as a portable alternative to carrying a forensic workstation into the field. It is a network-enabled, fully-forensic imager that offers superior local and network imaging performance with no compromises. The TX1 sets a new standard for Forensic Imagers.|
A Tableau second-generation product, replacing the Tableau TD3.
Fox-IT has developed a solution in which digital evidence is stored centrally while tactical investigators can use web browsers simultaneously to study this evidence quickly, easily and at an early stage. This solution is called the Fox Tracks Inspector.
X-Ways Capture is a specialized computer forensics tool for the evidence collection phase of a forensic investigation which captures Windows and Linux live systems.
It gathers all data from the running computer e.g. on an external USB hard disk, such that during the analysis even encrypted or otherwise protected data can be examined that was unlocked at the point of time when the system was acquired.
Davory undeletes files and recovers files from logically corrupted or formatted drives. Incorporates some of the data recovery techniques from WinHex and concentrates on ease of use.
Evidor is software for lawyers, law firms, corporate law and IT security departments, licensed investigators, and law enforcement agencies.
Evidor allows you to search text on hard disks and retrieves the context of keyword occurrences on computer media, not only by examining all files (the entire allocated space, even Windows swap/paging and hibernate files), but also currently unallocated space and so-called slack space. That means it will even find data from files that have been deleted, if physically still existing. Evidor is a small subset of just the search functionality in X-Ways Forensics. Please note that Evidor cannot access remote networked hard disks. For a more powerful solution please use X-Ways Investigator.
X-Ways Forensics is an advanced work environment for computer forensic examiners and our flagship product. It runs under Windows 2000/XP/2003/Vista*/2008*/7*. Compared to its competitors, X-Ways Forensics is more efficient to use after a while, often runs faster, is not as resource-hungry, finds deleted files and search hits that the competitors will miss, offer many features that the others lack, ..., and it comes at a fraction of the cost! It is based on the WinHex hex and disk editor and part of an efficient workflow model where computer forensic examiners share data and collaborate with investigators that use X-Ways Investigator.
X-Ways Investigator is a powerful investigation/document analysis/report generation application for law enforcement, intelligence agencies, and the private sector. It runs under Windows. It was designed for investigators who are specialized in areas such as accounting, building laws, money laundering, corruption, homicide, child pornography, etc.
X-Ways Trace is a computer forensics tool that allows to track and examine web browsing activity and deletion of files through the Windows recycle bin that took place on a certain computer.
WinHex is in its core a universal hexadecimal editor, particularly helpful in the realm of computer forensics, data recovery, low-level data processing, and IT security. An advanced tool for everyday and emergency use: inspect and edit all kinds of files, recover deleted files or lost data from hard drives with corrupt file systems or from digital camera cards.