AccessData’s AD Enterprise Automates Early Data Collection

25th May 202029th May 2019 by AccessData

Company also rolls out new versions of FTK and AD Lab with enhancements that leverage machine learning to speed up forensics investigations.

AccessData Group today announced the release of AD Enterprise 7.1, a new version of its software for managing internal forensic investigations and post-breach analysis that contains first-to-market integration with cybersecurity platforms to automate the early stages of data collection.

“When your company’s data has been breached, it is critical to maximize the speed of your incident response and conduct rapid preservation of electronic evidence, all while minimizing the impact on business operations,” said Tod Ewasko, vice president of technical engineering at AccessData. “The new version of AD Enterprise automates the previously time-intensive manual process of launching the investigative workflow. This is the first forensic investigation management software product to offer an API that integrates seamlessly with a company’s cybersecurity platform of choice to kick off a post-breach investigation from the first moments after an intrusion has been detected.”

The API, which is available as an add-on option, enables a secure connection between a client’s cyber platform (e.g., Demisto, Phantom, etc.) and AD Enterprise. If the cybersecurity software detects an attack, it sends an alert that is received by AD Enterprise, which initiates a collection job at a designated endpoint. This saves precious time in the initial stages of the incident response by preserving data relating to the root cause of the breach.

“The new AccessData release contains a critical API option that will allow our team to integrate our SIEM platform with our forensic platform,” said Scott Sattler, forensic consultant from SecureLabs.net. “This capability enables us to perform automated response to events detected with SIEM platforms, such as Arcsight or Splunk. This feature will save about 40 minutes of analyst time per incident. The API integration with our SIEM is an important force-multiplier for our existing staff by leveraging the power of automation.”

Other new features built into AD Enterprise 7.1 include parsing support for APFS (Apple File System), added encryption support for Dell Data Centric and Full Disk Encryption, Python scripting enhancements and nine new parsers for mobile data analysis.

“AD Enterprise is the only solution in the marketplace that can perform comprehensive end-to-end post-breach forensic investigations within a single tool by collecting all sorts of complex data types directly at the endpoint, performing memory analysis and executing targeted collections on any file attribute,” said Ewasko.

For more information about the AD Enterprise 7.1 enhancements, please click here.

FTK and AD Lab

AccessData also rolled out new versions of its FTK and AD Lab software products, the company’s digital forensics tools for law enforcement agencies and public sector investigative teams. FTK (Forensic Toolkit®) is a court-cited digital investigations software tool built to help customers find relevant evidence faster, dramatically increase analysis speed and reduce backlogs. AD Lab is a large-scale investigations and processing engine that enables computer forensics labs of all sizes to provide their teams with collaborative analysis, centralized case management and web-based review, thereby dramatically streamlining the investigative process.

FTK 7.1 and AD Lab 7.1 both include new features for image recognition and facial recognition, which allow investigators to train the software to find objects within images. So instead of looking through each image or a large panel of thumbnail images, the software can now rely on machine learning to surface specific individuals.

“The new versions of FTK and AD Lab leverage the power of machine learning technology and image recognition software to more quickly find similar images across various data sets, which saves substantial time during an investigation,” said Ewasko. “Moreover, enhanced mobile analysis capabilities added to both products means that investigators don’t need to waste time toggling between tools. Now all mobile data analysis can be performed in a single trusted solution.”

Other new features developed for FTK 7.1 and AD Lab 7.1 include full API support that enables users to integrate the tools with other software systems (e.g., case management, e-discovery, etc.) and allows for easier transfer of data in the JSON format, as well as new load file templates.

For more information about the FTK 7.1 and AD Lab 7.1 enhancements, please click here.

About AccessData®

Whether it’s for investigation, litigation or compliance, AccessData® offers industry-leading solutions that put the power of forensics in your hands. For more than 30 years, AccessData has worked with more than 130,000 customers in law enforcement, government agencies, corporations and law firms around the world, providing both stand-alone and enterprise-class solutions that can synergistically work together. The company is backed by Sorenson Capital, a leading private equity firm focused on high-growth portfolios. For more information on AccessData, please go to www.accessdata.com.

Latest Videos

Forensic Focus

Throughout the past few years, the way employees communicate with each other has changed forever.

69% of employees note that the number of business applications they use at work has increased during the pandemic.

Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.

Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.

Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.

With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.

Join Monica Harris, Product Business Manager, as she showcases how investigators can:

- Manage multiple cloud collections through a web interface
- Cull data prior to collection to save time and money by gaining these valuable insights of the data available
- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box
- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee
- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_g6nTjfEMnsA

Tips And Tricks Data Collection For Cloud Workplace Applications

Forensic Focus 7 hours ago

As a hybrid working environment continues to be a way of life for many professionals, the way employees communicate has been altered as well. The scope and volume of data that needs to be collected and reviewed from computers, mobile devices and cloud applications is evolving.

As the devices and collaboration platforms employees use changes, the approach to collecting data generated on emerging devices and platforms grows increasingly complex as a result. In a 2022 Endpoint Intelligence benchmark survey, only 65% of legal professionals are confident in their ability to collect relevant data from endpoints.

Understanding this ever-changing collection landscape is essential for legal and litigation technology professionals as modern data increases in volume in discovery.

Join Monica Harris, Product Manager at Cellebrite Enterprise Solutions for an educational discussion on the what, when, why and how of modern data collections for legal teams.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_jVTDS1UTTtA

We’re Not in Document Land Anymore: Modern Data Collections for Litigation Technology Professionals

Forensic Focus 6th March 2023 10:00 am

In this episode of the Forensic Focus podcast, Si and Desi explore the cutting-edge technology of deepfake videos and image manipulation. In addition to discussing the latest technological developments and efforts being made to detect manipulated media, they also examine the associated legal and ethical implications.

Show notes:

Boris Johnson image - https://www.theguardian.com/politics/2023/jan/10/spot-the-difference-boris-johnson-appears-scrubbed-from-photo-posted-by-grant-shapps

Deep Fake Neighbour Wars - https://m.imdb.com/title/tt21371376/

Stalin image - https://www.history.com/news/josef-stalin-great-purge-photo-retouching

Nvidia eye contact AI - https://www.polygon.com/23571376/nvidia-broadcast-eye-contact-ai and https://www.youtube.com/watch?v=xl87WTDrReo

Birthday problem - https://en.wikipedia.org/wiki/Birthday_problem

Same frightening woman in AI images - https://petapixel.com/2022/09/09/the-same-frightening-woman-keeps-appearing-in-ai-generated-images/

Inherent mysogeny of AI portraits - https://www.theguardian.com/us-news/2022/dec/09/lensa-ai-portraits-misogyny

Midjourney - https://www.midjourney.org/

Deepfake porn legality - https://www.theverge.com/2022/11/25/23477548/uk-deepfake-porn-illegal-offence-online-safety-bill-proposal and https://www.technologyreview.com/2021/02/12/1018222/deepfake-revenge-porn-coming-ban/

AIATSIS - https://aiatsis.gov.au/cultural-sensitivity

Fake tiger porn story - https://www.dailydot.com/unclick/tiger-porn-britain-law/

Group photo with no blinking - https://www.countrylife.co.uk/comment-opinion/curious-questions-group-photo-179102

Emma Watson deefake audio - https://www.thetimes.co.uk/article/ai-4chan-emma-watson-mein-kampf-elevenlabs-9wghsmt9c

Domestika - https://www.domestika.org/en/courses/981-introduction-to-interviewing-the-art-of-conversation

Investigative Interviewing - https://www.amazon.co.uk/dp/0199681899?ref=ppx_pop_mob_ap_share

Forensic Focus events calendar - https://www.forensicfocus.com/events/

Si Twitter - https://twitter.com/si_biles

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_i41eg24YGZg

Deepfake Videos And Altered Images - A Challenge For Digital Forensics?

Forensic Focus 13th February 2023 10:30 am

Load More... Subscribe

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.