Forensics Reviews
Aug 7, 2008
|
Paraben has been the market leader in hand-held forensics because the software is easy to use and covers a wide range of devices, including PDAs, smart phones and cell phones.
Jul 7, 2008
|
eDiscovery is one of those cool buzzwords that lawyers use, but nobody else cares about, right? Well, since 2006 that certainly is no longer the case.
May 22, 2008
|
STRSRCH and URL_SRCH are command-line utilities that can search text files for IP addresses, email addresses, URLs and strings. The biggest advantage of these offerings is the speed at which they can process large amounts of data.
May 21, 2008
|
ProDiscover Forensic 4.9 is a solution that is best used to analyse an entire system. It includes utilities for viewing the registry, event log and internet activity from a captured image.
May 20, 2008
|
We are fans of open-source software and Helix 1.9 falls into this category. Helix has two components, each with its own set of utilities. The first component is the Windows element, which can be started on a booted Windows system by simply inserting the CD into the drive.
May 19, 2008
|
Forensic Toolkit (FTK) is one of the most full-featured sets of products. It includes a forensic imager utility, a registry viewer facility and the Distributed Network Attack, which aids password recovery with the password recovery toolkit.
May 16, 2008
|
Paraben has established itself as the market leader in hand-held forensics because its software is easy to use and covers a wide range of devices including PDAs, smartphones, and mobile phones.
May 8, 2007
|
AccessData is one of the venerable developers of computer forensic software. The company’s biggest strength is that it is — and has been since its inception — the go-to supplier of password recovery tools.
May 3, 2007
|
Live forensics is an emerging field and, although there are a lot of good reasons to use it, there still are caveats.
Apr 18, 2007
|
Of the straight (i.e., not over-the-network) computer forensic tools we examined, EnCase has made the most noticeable changes since last year.
Apr 18, 2007
|
This is one of those "almost there" products that will, we are certain, give competitors a run for their money fairly soon. The LR1000 is a log analysis appliance and has a lot to recommend it.
Apr 18, 2007
|
Beam me up, Scotty, there’s a new over-the-network forensics tool in the lab. The Paraben P2 Enterprise Shuttle is a tool that accesses computers remotely over the network and allows the user to perform a suite of forensic tests.
Apr 18, 2007
|
ProDiscover IR is an over-the-network computer forensics tool. It connects to any computer that has the ProDiscover agent and performs a suite of forensic tests that can be scripted using ProScript, a variant of Perl.
Apr 17, 2007
|
Device Seizure is a neat little product that lets you seize and perform forensic analysis on mobile phones, PDAs and other mobile devices.
Jul 11, 2006
|
The Coroner’s Toolkit, or TCT, is an open-source set of forensic tools for performing post-mortem analysis on Unix systems. Written by Dan Farmer and Wietse Venema, both very well known in security circles for such programs as SATAN, TCT is not an easy product to use. A serious knowledge of Unix is a prerequisite for success, but if you can manage it, this is an extremely powerful set of tools.
Jul 11, 2006
|
This new version of EnCase shows its pedigree as the oldest of the GUI-based IT forensic tools. We found it very simple to operate and use.
Jul 11, 2006
|
The Forensic ToolKit (FTK) is very powerful and comes loaded with features, although it is naturally difficult to make such a powerful tool completely simple to use. The program interface can overwhelm at first glance, with all its different features and options, but after reading the documentation and getting to know the program, it becomes much more intuitive.
Jul 11, 2006
|
This is a very different type of analysis tool from those infosec professionals are used to. Link analysis, a crucial aspect of incident response, is usually done manually or by trying to use log correlators. This is a true link analyser with a long pedigree in analysing complex crimes and security incidents.
Jul 11, 2006
|
LogLogic’s LX 2000 is an excellent log analysis tool. It is powerful, can be distributed, and is a mature and useful product. But it is not for the faint-hearted. While its user interface is excellent, it has many hidden capabilities that require some time to understand.
Jul 11, 2006
|
First Response is a freeware audit tool and is a little difficult to use in the beginning. The interface, deploying agents and gathering data can also be a little awkward at first, but this program can be very useful once the user has a grasp of what it does and what it is capable of.