Encase
Requirement 6
EnCase is a powerful network enable, multiplatform enterprise investigation platform. It enables immediate response to any computer related incidents and enables thorough forensic analysis. It also preserves volatile and static data on servers, workstations and laptops on and off the corporate network without disrupting operations. Without EnCase organizations must resort to inefficient manual processes using stand alone utilities that extend the response and investigation process by days or weeks and require target systems to be taken out of service. EnCase brings industry standard, law-enforcement grade computer forensic technology to the enterprise for unprecedented incident response and investigative capability. Information security professionals, investigators, auditors and incident response teams can reach any computer within the enterprise in seconds to perform any type of digital investigation. An immediate response is critical to maintaining network and application uptime and reducing the impact of incidents or attacks occurring internally or externally. This translates to anytime, anywhere response and investigative capabilities for information security professionals, computer incident response teams and forensic examiners. EnCase is revolutionizing the practice of enterprise and computer investigations by providing immediate response and thorough analysis of servers, workstations and laptops anywhere on or off the corporate network. Some features from EnCase are : Securely investigate/analyze many machines simultaneously over the LAN/WAN at the disk and memory level, acquire data in a forensically sound manner, using software that has an unparalleled record in courts worldwide, limit incident impact and eliminate system downtime with immediate response capabilities, investigate and analyze multiple platforms Windows, Linux, AIX, OS X, Solaris using a single tool, efficiently collect only
EnCase is a powerful network enable, multiplatform enterprise investigation platform. It enables immediate response to any computer related incidents and enables thorough forensic analysis. It also preserves volatile and static data on servers, workstations and laptops on and off the corporate network without disrupting operations. Without EnCase organizations must resort to inefficient manual processes using stand alone utilities that extend the response and investigation process by days or weeks and require target systems to be taken out of service. EnCase brings industry standard, law-enforcement grade computer forensic technology to the enterprise for unprecedented incident response and investigative capability. Information security professionals, investigators, auditors and incident response teams can reach any computer within the enterprise in seconds to perform any type of digital investigation. An immediate response is critical to maintaining network and application uptime and reducing the impact of incidents or attacks occurring internally or externally. This translates to anytime, anywhere response and investigative capabilities for information security professionals, computer incident response teams and forensic examiners. EnCase is revolutionizing the practice of enterprise and computer investigations by providing immediate response and thorough analysis of servers, workstations and laptops anywhere on or off the corporate network. Some features from EnCase are : Securely investigate/analyze many machines simultaneously over the LAN/WAN at the disk and memory level, acquire data in a forensically sound manner, using software that has an unparalleled record in courts worldwide, limit incident impact and eliminate system downtime with immediate response capabilities, investigate and analyze multiple platforms Windows, Linux, AIX, OS X, Solaris using a single tool, efficiently collect only
References: * Encase. (n.d.). Retrieved from http://www.mediarecovery.pl/doc/encase-enterprise/EnCase_Detailed_Product_Description.pdf * Forensic analysis using guidance software’s encase. (n.d.). Retrieved from http://cse.spsu.edu/raustin2/coursefiles/forensics/Lab5.pdf * Encase cybersecurity. (n.d.). Retrieved from http://www.guidancesoftware.com/encase-cybersecurity.htm