forensic

DXC yet to finish forensics on ATO's faulty SAN

Agency took longer than expected to extricate components.
Ry Crozier Jan 15 2018 6:40AM Storage
Review: TeleSign Verify & PhoneID Standard

The concept of using a mobile phone as an authentication device is not new.
Peter Stephenson Sep 7 2012 12:39PM Security
Red faces as Cofee spills onto the net

Copies of Microsoft's forensic tool surface.
Nov 10 2009 5:45AM Security
Review: Technology Pathways ProDiscover Incident Response

ProDiscover Forensic 4.9 is a solution that is best used to analyse an entire system. It includes utilities for viewing the registry, event log and internet activity from a captured image.
Peter Stephenson, May 21 2008 11:21AM Security
Review: Forensic Toolkit v2.0

Forensic Toolkit (FTK) is one of the most full-featured sets of products. It includes a forensic imager utility, a registry viewer facility and the Distributed Network Attack, which aids password recovery with the password recovery toolkit.
Justin Peltier May 19 2008 3:01PM Security
Review: WetStone Technologies LiveDiscover Forensic Edition

WetStone's LiveDiscover is an interesting proposition. It is designed as a first step in locating target systems in large networks.
Peter Stephenson, May 12 2008 11:12AM Security
Review: Forensic Tool Kit v 1.70

AccessData is one of the venerable developers of computer forensic software. The company’s biggest strength is that it is — and has been since its inception — the go-to supplier of password recovery tools.
Peter Stephenson, CeRNS, May 8 2007 7:54AM Security
Review: LiveWire Investigator v. 3.1.1C

Live forensics is an emerging field and, although there are a lot of good reasons to use it, there still are caveats.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol May 3 2007 4:15PM Security
Review: EnCase Forensic v. 6

Of the straight (i.e., not over-the-network) computer forensic tools we examined, EnCase has made the most noticeable changes since last year.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Apr 18 2007 4:08PM Security
Review: LR1000 v. 3.5

This is one of those "almost there" products that will, we are certain, give competitors a run for their money fairly soon. The LR1000 is a log analysis appliance and has a lot to recommend it.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Apr 18 2007 12:00AM Security
Review: P2 Enterprise Shuttle

Beam me up, Scotty, there’s a new over-the-network forensics tool in the lab. The Paraben P2 Enterprise Shuttle is a tool that accesses computers remotely over the network and allows the user to perform a suite of forensic tests.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Apr 18 2007 12:00AM Security
Review: ProDiscover IR v 4.9

ProDiscover IR is an over-the-network computer forensics tool. It connects to any computer that has the ProDiscover agent and performs a suite of forensic tests that can be scripted using ProScript, a variant of Perl.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Apr 18 2007 12:00AM Security
Review: Device Seizure v. 1.1

Device Seizure is a neat little product that lets you seize and perform forensic analysis on mobile phones, PDAs and other mobile devices.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Apr 17 2007 3:04PM Security
Review: Coroner's Toolkit

The Coroner’s Toolkit, or TCT, is an open-source set of forensic tools for performing post-mortem analysis on Unix systems. Written by Dan Farmer and Wietse Venema, both very well known in security circles for such programs as SATAN, TCT is not an easy product to use. A serious knowledge of Unix is a prerequisite for success, but if you can manage it, this is an extremely powerful set of tools.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: EnCase Forensic

This new version of EnCase shows its pedigree as the oldest of the GUI-based IT forensic tools. We found it very simple to operate and use.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Forensic ToolKit

The Forensic ToolKit (FTK) is very powerful and comes loaded with features, although it is naturally difficult to make such a powerful tool completely simple to use. The program interface can overwhelm at first glance, with all its different features and options, but after reading the documentation and getting to know the program, it becomes much more intuitive.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: i2 Analyst's Notebook

This is a very different type of analysis tool from those infosec professionals are used to. Link analysis, a crucial aspect of incident response, is usually done manually or by trying to use log correlators. This is a true link analyser with a long pedigree in analysing complex crimes and security incidents.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: LogLogic LX 2000

LogLogic’s LX 2000 is an excellent log analysis tool. It is powerful, can be distributed, and is a mature and useful product. But it is not for the faint-hearted. While its user interface is excellent, it has many hidden capabilities that require some time to understand.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Mandiant First Response

First Response is a freeware audit tool and is a little difficult to use in the beginning. The interface, deploying agents and gathering data can also be a little awkward at first, but this program can be very useful once the user has a grasp on what it does and what it is capable of.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: NetWitness

NetWitness is a network traffic security analyser that the vendor describes as a “security intelligence” tool. Setup is simplified by its new installation wizard, which worked correctly the first time and was a breeze. We then fed it a set of Snort packet logs, which it accepted without complaint, and were able to begin analysis within an hour.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
