Belkasoft releases a major update to Belkasoft Evidence Center, the company’s flagship digital forensic solution. The new release adds a number of features to help IT security staff analyze incidents and perform remote investigations, investigate hacking attempts and analyze evidence across case boundaries. With this update, Belkasoft Evidence Center aims to help companies investigate incidents occurred on their corporate network or corporate mobile devices.
More details: https://belkasoft.com/bec95-press-releaseRemote Acquisition of Corporate Computers and Smartphones
Belkasoft Evidence Center 9.5 adds a major new feature to enable IT security personnel investigate incidents without leaving premises. Remote acquisition helps investigators obtain full device images of corporate servers or workstations running in a distributed environment. By using centralized deployment, IT security staff may install an acquisition agent to any computer running on the corporate network. This agent will then obtain full images of the computer’s volatile memory, hard drives and connected smartphones without preventing normal operation and without the need to remove the hard drive(s). Whether the organization has one or multiple locations, this new feature allows non-invasive incident investigations in distributed environments.
Analyzing Hacking Attempts with Incident Investigation
Incident Investigation is another new feature that further expands how Belkasoft Evidence Center is used in corporate environments. Incident Investigation helps companies investigate hacking attempts of Windows-based computers by performing an automated analysis of numerous sources. The tool analyzes the Windows registry, event logs and memory dumps to discover traces of successful and unsuccessful remote attacks that are commonly used to break in to the company’s infrastructure.
Read the entire press-release at https://belkasoft.com/bec95-press-release