Forensic Toolkit® (FTK®)

Zero in on Relevant Evidence Faster.
FTK is recognized around the world as the standard in digital
forensic investigation solutions.
FTK® provides you with an entire suite of investigative tools necessary to conduct
digital investigations smarter, faster and more effectively. It allows you to quickly
establish case facts through innovative and market leading features such as
distributed processing, collaborative case analysis, evidence visualization reports
and more; all in one single comprehensive solution. FTK provides innovative and
integrated features to support data processing integrity, speed and analysis depth.
Key Features
Easy-to-use GUI with automated preprocessing of forensic data.
Fully interoperable with Mobile Phone Examiner Plus® (MPE+®), Summation® and the entire suite of AccessData solutions.
Interoperability with mobile device, e-discovery and cyber security solutions.
The broadest OS support and analysis on the market.
Advanced filtering and automated data categorization.
Do it all. Preview, acquisition, mounting and analysis of live data.
Flexibility. Available as a perpetual or subscription license.
Native support for Volume Shadow Copy.
Comprehensive volatile memory analysis.
Add-on Cerberus for automated malware analysis and triage.
Password cracking through PRTK/DNA.
Visualization capabilities allow graphic analysis of file and email data.
Geolocation allows various types of data to be shown geographically on a map—even offline!
Powerful index search engine with regular expression.
World-class training.
Reduce case backlogs by zeroing in on relevant evidence faster.
Case backlogs are only getting bigger. There just isn’t enough time or resources
to process the data that needs to be examined in each specific case. FTK is built
for speed, stability and ease of use, providing comprehensive data processing
and indexing up front, so filtering and searching are faster than with any other
product on the market. This equates to an increase in analysis speed, allowing you
to obtain actionable intelligence much more quickly. Additionally, large digital forensic
investigation entities can easily upgrade FTK to expand the processing capacity
and incorporate web-based case management and collaborative analysis to
minimize caseload through division of labor in AD Lab.
Take Control of Big Data
The use and variety of both computer and other digital devices have grown
exponentially. All criminal cases today involve massive amounts of digital
evidence from many different sources. FTK’s mature database-driven, enterprise-class
architecture allows you to handle and make sense of these massive data sets
through processing stability and data visualization not available with other tools.
With FTK, you can easily separate relevant data from the trivial and easily explain
those nuances to colleagues, attorneys/barristers and jurors. Furthermore, FTK is
the only solution on the market that is purpose built to interoperate with the entire
portfolio of AccessData solutions to help you overcome challenges attributed to
mobile device usage, BYOD, e-discovery, and cyber security.
With FTK and AD Lab, we are able to
quickly train investigators to use the
interface and collaborate on early
case assessment. This frees up highly
qualified digital forensics analysts to
focus on analysis.
Major Keith Miller, Officer Commanding, Service
Police Crime Bureau, Royal Military Police
www.AccessData.com
© 2015 AccessData Group
Key Benefits
INTEGRATED COMPUTER FORENSIC SOLUTION
FTK allows users to create images, process a wide range of data types from forensic images to email
archives and mobile devices, analyze the registry, decrypt files, crack passwords, and build reports, all
within a single solution.
UNMATCHED PROCESSING
FTK utilizes distributed processing and is the only forensics solution to fully leverage multi-threaded/
multi-core computers. While other forensics tools waste the potential of modern hardware solutions,
FTK is able to use 100 percent of its hardware resources. Examiners in distributed labs can work
together on the same case at the same time, utilizing a division-of-labor approach.
HANDLE MASSIVE DATA SETS WITHOUT CRASHING OR LOSING WORK
While other products can run out of memory and slow or crash during processing, FTK is database
driven with a modular architecture that provides the stability necessary to handle data sets of nearly
any size.
FEATURE RICH OUT OF THE BOX
FTK is far and away the best value on the market given features like visualization, explicit image
detection (EID), password cracking and remote machine analysis all included at a single price point.
FAST, COMPREHENSIVE INDEX AND BINARY SEARCHING
By processing and indexing data up front and leveraging the powerful dtSearch® engine, as well as a
full-featured regular expression engine, FTK produces fast and accurate results.
FILE AND DISK ENCRYPTION SUPPORT
With proper credentials, you can decrypt technologies like BitLocker®, CREDANT®, SafeBoot®,
Utimaco®, PGP®, GuardianEdge®, Sophos® Enterprise, S/MIME and more. FTK can also decrypt
hundreds of file types. It will decrypt files during processing with passwords you provide, or you can
select encrypted files within FTK and send them to the built-in Password Recovery Toolkit® (PRTK®/
DNA) module for password recovery.
ADVANCED GALLERY VIEW FOR IMAGES AND VIDEO WITH EID
Quickly identify critical image and video files. In addition, FTK identifies sexually explicit images
automatically, which is an invaluable feature for law enforcement. It not only recognizes flesh tones,
but shapes and image orientations that could be pornographic in nature.
MICROSOFT® PhotoDNA®
Supports Microsoft PhotoDNA, which creates a unique signature for a digital image (like a fingerprint)
that can be compared with the signatures of other images to find copies and variations of images of
interest.
SUPERIOR EMAIL ANALYSIS
FTK supports a wide array of email types, including Notes™ NSF, Outlook® PST/OST, Exchange
EDB, Outlook Express® DBX, Eudora®, EML (Microsoft Internet Mail, Earthlink®, Thunderbird®,
Quickmail®, etc.), Netscape®, AOL® and RFC 833.
SINGLE-NODE ENTERPRISE (REMOTE INVESTIGATION)
Preview, acquire and analyze hard drive data, peripheral device data, and volatile/memory data from
remote systems on your network.
VOLATILE AND MEMORY ANALYSIS
Enumerate all running processes, even those hidden by rootkits, and display associated DLLs, network
sockets and handles in context. Search memory, automatically map hits back to a given process, DLL
or piece of unallocated space, and dump the corresponding item. VAD tree analysis exposes registry
artifacts in memory, parsing and displaying handle information. (Supports Windows® 32- & 64-bit,
Apple®, UNIX® and Linux®)
INTERNET ARTIFACT ANALYSIS
FTK provides broad browser support with SQLite® parsing and includes 40 Internet artifact carvers
for popular web applications, including Facebook®, Google Drive™ (“Docs”), Google Chat™, ICQ® 7M,
Skype™, Dropbox™, Torrent and many, many more.
BROAD SUPPORT AND OS ANALYSIS
Recognized for its superior analysis of iOS® machines, FTK supports B-Trees, .PLISTs, SQLite databases,
.JSON files and .DMG and .DD disk images.
DATA VISUALIZATION FOR AUTOMATED TIMELINE CONSTRUCTION AND SOCIAL ANALYSIS
There is no need to rely on third-party tools to see visual relationships within data! The visualization
technology in FTK displays your data in timelines, cluster graphs, pie charts, geolocation and more.
MALWARE TRIAGE & ANALYSIS
Available as an add-on to FTK, Cerberus allows you to determine the behavior and intent of suspect
binaries, giving you actionable intelligence without having to wait for a malware team to perform
deeper, more time-consuming analysis.
LEARN MORE: www.AccessData.com
GLOBAL HEADQUARTERS
+1 801 377 5410
588 West 300 South
Lindon, Utah
USA
NORTH AMERICAN SALES
+1 800 574 5199
Fax: +1 801 765 4370
sales@accessdata.com
INTERNATIONAL SALES
+44 20 7010 7800
internationalsales@accessdata.com