Visualize Big Data, Find the Relevant Evidence Faster
FTK’s database-driven, enterprise-class architecture allows you to handle massive data sets, as it provides stability and processing speeds not possible with other tools. It provides built-in data visualization and explicit image detection technology to quickly discern and report the most relevant material in your investigation. FTK’s interoperability with all AccessData’s solutions, allows you to correlate massive data sets from different sources, such as, computer hard-drives, mobile devices, network data, internet storage and more. This capability makes FTK the only digital investigation solution capable to reduce case investigative times by allowing you to review data and identify relevant evidence, all in one centralized location.
Automated Malware Triage and Analysis
Available as an option to FTK, Cerberus is one tool in your malware arsenal and helps you identify potentially malicious files. It’s the first layer of defense against the risk of imaging unknown devices and allows you to identify risky files after processing your data in FTK. Then you can see which files are potentially infected and you can avoid exporting them. With Cerberus you’ll receive actionable intelligence without having to wait for the malware team to perform deeper, more time consuming analysis.
AccessData’s Decryption Solutions are the Key to Crack it!
AccessData has developed other industry-leading solutions to assist in password recovery. These solutions are used in many different environments to provide specific, password-cracking related functions. Law enforcement and corporate security professionals performing computer forensic investigations, utilize these solutions to access password-protected files. Likewise, administrators can also utilize these solutions to recover system passwords, lost personal passwords and more . AccessData’s Password Recovery Toolkit® (PRTK®) and Distributed Network Attack® (DNA®) provide access to passwords for a large number of popular software applications. PRTK runs on a single machine only. DNA uses multiple machines across the network or across the world to conduct key space and dictionary attacks.
The following add-ons are available to enhance the power and speed of password-cracking with PRTK and/or DNA.
Rainbow (Hash) Tables
Rainbow Tables are pre-computed, brute-force attacks. In cryptography, a brute-force attack is an attempt to recover a cryptographic key or password by trying every possible key combination until the correct one is found. How quickly this can be done depends on the size of the key, and the computing resources applied. A system set at 40-bit encryption has one trillion keys available. A brute-force attack of 500,000 keys per second would take approximately 25 days to exhaust the key space combinations using a single 3 GHz Pentium 4 computer. With a Rainbow Table, because all possible keys in the 40-bit keyspace are already calculated, file keys are found in a matter of seconds-to-minutes; far faster than by other means. DNA and PRTK seamlessly integrate with Rainbow Tables.
Portable Office Rainbow Tables (PORT)
AccessData Portable Office Rainbow Tables (PORT) are different from the full Hash tables set. A statistical analysis is done on the file itself to determine the available keys. This takes far less space than the Hash Tables, but also takes somewhat more time and costs a small percentage in accuracy.
Let’s Get Started
FTK leverages multi-machine processing capabilities, cutting case processing times more than 400% vs. leading competitor reducing case backlog significantly; it performs comprehensive processing upfront greatly increasing the speed with which an examiner can focus on the actual investigation.