New in FTK: Regular expression support in index searching allows you to search for advanced combinations of characters within indexed data.

BROAD FILE SYSTEM.

Leveraging the powerful dtSearch engine, as well as a full-featured regular expression engine, FTK produces fast and accurate results. FTK now provides VAD tree analysis and exposes registry artifacts in memory and will parse and display handle information from memory.

FASTER, MORE COMPREHENSIVE INDEX AND BINARY SEARCHING

FTK processes and indexes your data up front, so search and analysis is faster than other products. Memory string search allows you to identify hits in memory and automatically map them back to a given process, DLL or piece of unallocated space and dump the corresponding item. Dump a process and associated DLLs for further analysis in third-party tools.

- Supports Windows® (32- and 64-bit), Apple®, UNIX® and Linux® operating systems
- Comprehensive analysis of volatile data
- Static RAM analysis from an image or against a live system
- Enumerate all running processes, including those hidden by rootkits, and display associated DLLs, network sockets and handles in context.

Secure remote device mounting using the Pico agent. Uninstall the agent at any time and push it out to a different computer for multi-machine analysis. Preview, acquire and analyze hard drive data, peripheral device data, and volatile/memory data on Apple®, UNIX® and Linux® operating systems. Install a persistent or “dissolving” agent on a single computer to enable the remote analysis and incident response capabilities of AD Enterprise.

- Cancel/Pause/Resume functionality
- Real-time processing status
- CPU resource throttling
- Email notification upon processing completion
- Pre- and post-processing refinement
- Advanced data carving engine allows you to specify criteria, such as file size, data type and pixel size to reduce the amount of irrelevant data carved while increasing overall thoroughness.
Wizard-driven processing ensures no data is missed. If you are interested in having multiple examiners share a common processing farm and centralized database for collaborative analysis, please contact your sales representative to inquire about Access Data Lab. Every copy of FTK includes a total of 4 processing workers – 1 on the examiner machine and 3 distributed. However, the product is designed to provide the fastest, most accurate and consistent forensic processing possible with distributed processing and true multi-threaded / multi-core support. In addition, FTK components are compartmentalized, so for example, if the GUI crashes, the processing workers continue to process data.

FTK is different from other computer forensics solutions in that it processes data up front, so you’re not wasting time waiting for searches to execute during the analysis phase. Unlike other products on the market, FTK is database driven so you won’t experience the crashing associated with memory-based tools.

SINCE FTK IS DATABASE DRIVEN, IT MEANS YOU DON’T LOSE WORK DUE TO CRASHING

Advanced, automated analysis without scripting. Recover passwords from 100+ applications.

Features:

Create images, process a wide range of data types from forensic images to email archives, analyze the registry, conduct an investigation, decrypt files, crack passwords, and build a report all with a single solution.

The first step towards automated reverse engineering, Cerberus provides threat scores and disassembly analysis to determine both the behavior and intent of suspect binaries. These modules integrate with FTK to create the most comprehensive computer forensics platform on the market.

Cerberus is a malware triage technology that is available as an add-on for FTK. In addition, Exterro offers new expansion modules delivering an industry-first malware analysis capability and state-of-the-art visualization.

Known for its intuitive interface, email analysis, customizable data views and stability, FTK lays the framework for seamless expansion, so your computer forensics solution can grow with your organization’s needs. Exterro’s FTK is a court-accepted digital investigations platform that is built for speed, analytics and enterprise-class scalability.