Case management tool?

Agreed. Thanks for clarification.

If you were looking for more corporate functionality (albeit, I'm unsure how well it manages digital evidence and its a larger infrastructure cost), then from what I've seen of "vantos" (www.vantos.com) looks promising for internal investigations as a case/investigative management tool.

Just throwing it out there as an option for others.

Hi David,
If you would like a webex of the Lima system please let me know so we can arrange this. This should enable you to evaluate the system without installing. The demonstration version has been discontinued.

Lima enables the user to track any number of cases (SQL Express). This free database has a limit of 4GB so will last for about 1000 cases dependant upon size of casefile. Lima allows direct attachment of any file type to the notes of the case and is stored outside of the database to keep database data slim for slower network links. Any reports that are attached are AES128 Bit encryted on disk. The file type and size is controlled by the system administrator.

Hope this helps all.

The annual case management bump to the thread ) Ok so this was two years ago but I know there was one last year!

Well its procurement time and wondering what people have used or reviewed for their practice or group. I am still looking at DIM and wondering if there is anything out there along the same lines that I should review.

I am going to have to cobble something together in . . . <horrors>SharePoint</horrors> . . .

Gentlemen,

Since the latest statement is that there is consideration of "…cobble something together …" and that also it would seem that it has also been mentioned the consideration of D.I.M. I thought that by now someone would have suggested DFLabs's Open Source forensic tool - PTK.

The core component of the software is an efficient Indexing Engine performing different preliminary analysis operations during the import phase of each piece of evidence. PTK allows simultaneous management of different cases and multi-user profiling. Investigators can work on the same case at the same time. All reports and bookmarks generated by an investigator are saved in a reserved section of the Database. PTK is a Web application based on the very innovative Ajax technology and builds an appealing, highly dynamic and very easy to use interface. Its developers used the PHP language and a back-end MySQL database implementing thus the LAMP structure (Linux-Apache-MySql-PHP).

If you are going to build something anyways, why not start with an Open Source project and go this route of development. You can build unto this tool and in the future enhance with possible add-ons like case notes that are workflow related and also add a depository.

Just a suggested idea. Here is a link to a Wiki page on this project

http//wiki.sleuthkit.org/index.php?title=PTK

It is built upon some established standards within a multi-user set environment. If this does not conform to your Windows needs. Do not forget that through SAMBA you can mount an NTFS drive and interact.

What do you all think of this type of project ?

Wallbanger )

There is now an end to end Digital Forensics Case Management Tool on the market. https://www.sirentec.net

SirenCM Lab Edition is a comprehensive yet flexible case management and investigative support tool for digital forensics professionals. This innovative solution blends flexible deployment, robust security and an intuitive interface into a rock-solid framework to manage Digital Investigations, Incident Response, and eDiscovery matters. As a tool in your arsenal, it allows digital forensic professionals, eDiscovery experts, and Incident Responders from corporate and law enforcement communities to integrate numerous legacy systems into an innovative solution.

My emphasis.

Can you quantify your statement please, specifically around my highlights?

There is now an end to end Digital Forensics Case Management Tool on the market. https://www.sirentec.net

SirenCM Lab Edition is a comprehensive yet flexible case management and investigative support tool for digital forensics professionals. This innovative solution blends flexible deployment, robust security and an intuitive interface into a rock-solid framework to manage Digital Investigations, Incident Response, and eDiscovery matters. As a tool in your arsenal, it allows digital forensic professionals, eDiscovery experts, and Incident Responders from corporate and law enforcement communities to integrate numerous legacy systems into an innovative solution.

There is now an end to end Digital Forensics Case Management Tool on the market. www.sirentec.net

Could you please also provide a better link to SirenCM LAB.

When I do a search for this product, I keep being direct to a David Wood's listing in Linkedin as CTO for SirenTEC.

Since I am not connected to Mr. Wood, I am unable to access his company's website link from Linkedin and when I search for the company on its' own the website does not appear within a Search engine request.

I am able to pull-up from the links previously provided on AD Lab by Access Data and Lima Forensic Case Management by NTA forensics. Your help would be appreciated.

Could you please also provide a better link to SirenCM LAB.

It should be http not https
http//sirentec.net/

Gentlemen,

Since the latest statement is that there is consideration of "…cobble something together …" and that also it would seem that it has also been mentioned the consideration of D.I.M. I thought that by now someone would have suggested DFLabs's Open Source forensic tool - PTK.

The core component of the software is an efficient Indexing Engine performing different preliminary analysis operations during the import phase of each piece of evidence. PTK allows simultaneous management of different cases and multi-user profiling. Investigators can work on the same case at the same time. All reports and bookmarks generated by an investigator are saved in a reserved section of the Database. PTK is a Web application based on the very innovative Ajax technology and builds an appealing, highly dynamic and very easy to use interface. Its developers used the PHP language and a back-end MySQL database implementing thus the LAMP structure (Linux-Apache-MySql-PHP).

If you are going to build something anyways, why not start with an Open Source project and go this route of development. You can build unto this tool and in the future enhance with possible add-ons like case notes that are workflow related and also add a depository.

Just a suggested idea. Here is a link to a Wiki page on this project

http//wiki.sleuthkit.org/index.php?title=PTK

It is built upon some established standards within a multi-user set environment. If this does not conform to your Windows needs. Do not forget that through SAMBA you can mount an NTFS drive and interact.

What do you all think of this type of project ?

Wallbanger )

What PTK has in relationship with a case management tool? I've tried PTK in various linux distribution, totally unusable unless you work of pre-defined images (10 Mb evidence file roll ). I had many issues with the software

-Standard filesystem sometimes not recognized
-Indexing is a neverending process (probably it's the same developer of Encase 7 twisted )
-Loading the evidence directory structure can take up to 30 minutes every time you load the page.

Tried to contact the support without success. The sourceforge forum is dead. The opensource project last update is more than 3 years old. What they really want you to do is buy the professional version that I highly doubt is better than the opensource version.