forensic

Review: ProDiscover Incident Response

ProDiscover IR is a complete IT forensic tool that can access computers over the network (with agents installed) to enable media analysis, image acquisition and network behaviour analysis.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: Sleuth Kit & Autopsy Browser

Sleuth Kit and Autopsy Browser are excellent examples of what happens when a talented developer builds on good prior work. These products, used together, are freeware open-source computer forensic tools built on the Coroner’s Toolkit. But the developer, Brian Carrier, has taken his considerable expertise in file systems of all kinds and applied it here.
Peter Stephenson, CeRNS, Jul 11 2006 12:00AM Security
Review: EnCase Forensic

Guidance Software's EnCase product is the undisputed heavyweight of the forensic software market, and version 5.0 introduces a slew of new features that will keep its opposition firmly on the ropes.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Forensic Field Kit

WiebeTech's forensic kits tackle two very specific points of pain for forensic investigators: conducting field acquisition and transporting data safely (to prevent damage and ensure the chain of evidence is unchallengeable).

Jon Tullett Jul 21 2005 12:00AM Security
Review: Inforenz Forager

This tool is designed to help search file systems during forensic examinations. It collects information and meta data associated with files, and offers strong searching and indexing capabilities, although limited to Windows file systems.

Jon Tullett Jul 21 2005 12:00AM Security
Review: NetWitness Appliance

NetWitness is a network forensics and analysis package available in both software and appliance (really just a preconfigured server) formats.

Jon Tullett Jul 21 2005 12:00AM Security
Review: ProDiscover Incident Response

This product is the big brother of its family, including all the forensic capabilities of other versions with the additional ability to conduct investigations over the network and compare live systems to known-good baselines to establish whether a machine has been compromised or tampered with.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Stellar Phoenix FAT & NTFS

Stellar Phoenix is a product aimed at data recovery, rather than strict forensics, although of course recovery is an important part of incident response. Confronted with a disk with damaged or missing data, the software will attempt to recover information and reconstruct partial data.

Jon Tullett Jul 21 2005 12:00AM Security
Review: Total Event Log Management Suite

This product manages and analyzes Windows server log files. While this activity is not limited to forensics, it is an important incident response tool.

Jon Tullett Jul 21 2005 12:00AM Security
Using File Hashes to Reduce Forensic Analysis

The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org).
Dan Mares Jan 14 2004 1:27PM Security
Review: EnCase Forensic Edition

EnCase from Guidance Software has been at the vanguard of forensics software for some time - and with good reason.
Now in version 4.14, the solution is a powerful collection of correlation and analysis tools, designed to make the forensic investigator's job as easy as possible.

Jon Tullett Oct 1 2003 12:00AM Security
ASI masters forensic IT

Fleur Doidge Jan 1 2000 12:00AM Hardware
