Your search for FORENSIC returned 171 results.

The ComboDock is the sort of device that no forensic investigator can afford to be without if they intend to produce evidence that will be acceptable in legal proceedings.

This solution is supplied as software, desktop or rack-mounted. Each network sensor is a separate appliance, handing high-availability, high-security 10/100 or gigabit monitored segments.Running on a hardened OS, based on Red Hat Linux, in a small installation it can be managed using a web-based interface, software or optionally as an appliance.

NetScreen uses multi-method detection (MMD) in its IDS appliance, which also includes intrusion prevention options. MMD integrates stateful signature analysis with the detection of protocol anomalies, traffic anomalies, IP spoofing, layer 2 and SYN-flood attacks. Plus, it includes detection of 'backdoor' exploits and a network honeypot. The NetScreen IDP-100 is rated at 200Mbits/sec throughput, offering a choice of eight Fast Ethernet or two separate gigabit monitoring ports.

StealthWatch employs a completely different approach to traditional IDS, based on signature recognition. Instead of looking for signatures, it 'learns' what kind of activity is normal on your network and looks for abnormal events. Behavior-based IDS has some advantages over signature-based IDS, because less processing power is required and previously unknown attacks can be detected.

This software network-based IDS product requires a dedicated machine running Solaris 8 on either Sun SPARC or Intel hardware. The hardware specification depends on the amount of traffic to be monitored, and gigabit monitoring interfaces are supported. We were supplied with a pre-installed system running on a Dell PowerEdge rack-mounted server - however, customers would have to provide their own hardware; prices quoted are for software only.

EnCase from Guidance Software has established itself as the leading tool for forensic investigators. Perceiving a need for similar tools in the enterprise space, the company announced EnCase Enterprise Edition, bringing most of the functionality enjoyed by criminal forensic investigators to corporate users.

This product uses a project-based approach to forensic activities that helps to ensure that evidence is gathered in an orderly, presentable fashion.

Not too long ago, I was speaking at an International Security Conference on the subject of forensic video analysis. Forensic information is of paramount importance to the security professional. The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org).

EnCase from Guid-ance Software has been at the vanguard of forensics software for some time - and with good reason.
Now in version 4.14, the solution is a powerful ­ collection of correlation and analysis tools, designed to make the forensic investigator's job as easy as possible.