Notifications

Clear all

EnCase Enterprise vs ProDiscover

mikkie · 2007-04-20T11:54:54Z

I just want to know the merit and demerit of each software.Harlan said ProDiscover is very good product because of its Perl function and its price.How is the demerit?In the SC Magazine, ProDiscover won the BEST BUY products, but EE was not. The reason they comment is just only its price cry I just want more information about them.If there are someone who are using both of them, please tell me the advantage and disadvantage compared Prodiscover with EnCase Enterprise.thanks P

Page 3 / 3 Prev

General (Technical, Procedural, Software, Hardware etc.)

Last Post by apcsbz 12 years ago

28 Posts

11 Users

0 Reactions

5,696 Views

RSS

keydet89

(@keydet89)

Famed Member

Joined: 21 years ago

Posts: 3568

17/09/2007 7:29 pm

Can you please tell me what artifacts/files will indicate if Encase Enterprise has been deployed on a PC, and also what to look for to detect if an image has been taken of a machine remotely or viewed remotely?

Any help greatly appreciated

I'm sure it would be, but I do not have EEE, and can therefore not provide accurate information. Such is the way of the "community"…many want information handed to them, but few are willing to pony up any support (not just money) to further such things.

Harlan

ReplyQuote

Jango

(@jango)

Eminent Member

Joined: 19 years ago

Posts: 26

18/09/2007 6:05 am

ddow, you are correct that I have not posted much. I have been a long time reader and have found the information here extremely useful. I am not a target. I work in a fraud department of a very large company and I currently have an EnCase Forensic V6 license (via my company). I use this for physical acquisitions at remote locations where EE cannot reach. My company also have EE v6 but I've only used EE v5 a few times only.

In saying all this I am not a files systems guru or techie, therefore that's why I asked how I can detect artifacts of a servlet deployment (which should be every machine in my company under normal coreload) and also artifacts indicating EE remote acquisition or image viewing.

BTW, I have also completed the EnCase Intermediate course 2 years ago.
Any help would be appreciated.

ReplyQuote

Anonymous

(@Anonymous)

Guest

Joined: 1 second ago

Posts: 0

19/10/2007 12:33 am

Saw you guys bring up LiveWire. LiveWire is made by the company Cyber Security found at cyberstc.com and you'll see a lot more OnlineDFS and a lot less LiveWire after this month.

3.6 is going to be out soon with a lot of great updates. I'm honestly surprised more people don't know about it.

ReplyQuote

Jango

(@jango)

Eminent Member

Joined: 19 years ago

Posts: 26

19/10/2007 5:28 am

Can anyone help me out here?

ReplyQuote

keydet89

(@keydet89)

Famed Member

Joined: 21 years ago

Posts: 3568

19/10/2007 6:04 am

Jango…with what, specifically?

ReplyQuote

Jango

(@jango)

Eminent Member

Joined: 19 years ago

Posts: 26

19/10/2007 6:10 am

Can you please tell me what artifacts/files will indicate if Encase Enterprise has been deployed on a PC, and also what to look for to detect if an image has been taken of a machine remotely or viewed remotely?

ReplyQuote

kovar

(@kovar)

Prominent Member

Joined: 18 years ago

Posts: 805

19/10/2007 11:50 am

You could build a fresh machine, deploy EE on it, and check to see what changed.

Since you've got valid licenses, you could call tech support and ask them, too.

-David

ReplyQuote

apcsbz

(@apcsbz)

New Member

Joined: 12 years ago

Posts: 4

14/11/2013 11:56 am

I would like to see more details about the differences and similarities. Like File formats, what can be red from other applications, the process and etc

ReplyQuote

Page 3 / 3 Prev

8 Forums
15.7 K Topics
92.3 K Posts
308 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed