F-Response to be bundled with X-Ways Software Technology AG’s X-Ways Forensics

Agile Risk Management LLC announces today that an agreement has been reached with X-Ways Software Technology AG to allow the reselling and bundling of Agile’s F-Response Remote Forensics software with X-Ways Forensics, X-Ways’s premier computer forensic application…X-Ways Forensics (www.x-ways.com) is an advanced computer forensics application and the flagship product of X-Ways Software Technology AG. X-Ways Forensics has been designed from the ground up to provide efficent, low cost, and fast computer forensics capabilities. F-Response(www.f-response.com) is Agile Risk Management LLC’s patent pending solution to remote computer forensics and e-discovery. F-Response perfectly compliments X-Ways Forensics by providing direct raw read-only physical disk access to remote physical disks.

“We are very pleased to be working with Stefan Fleischmann and his staff at X-Ways, we believe firmly that the mission of F-Response is to provide remote physical drive access for use with the very best tools on the market, making this relationship an important part of achieving that mission.” stated Matthew Shannon Principal of Agile Risk Management, LLC.

To learn more about X-Ways Forensics and F-Response together, see http://www.x-ways.net/forensics/f-response.html.

Agile Risk Management LLC & F-Response

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

F-Response is a Trademark of Agile Risk Management, LLC, headquartered in Tampa, FL. Agile is a premium provider of information security consulting services as well as the sole owner of the F-Response Remote Computer Forensics and e-Discovery Software Suite. Founded in 2003, Agile Risk Management is committed to providing business value with uncompromised integrity.

X-Ways Software Technology AG & X-Ways Forensics

X-Ways Software Technology AG is a business incorporated under the laws of the Federal Republic of Germany as a stock corporation. X-Ways is the leading developer and supplier of computer forensics software in Europe. Their software is used for computer forensics, electronic discovery, data recovery, low-level data processing, and IT security. X-Ways also offers computer forensics training in America, Europe, Asia, and Australia.

Leave a Comment

Latest Videos

Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS

Forensic Focus 22nd June 2022 5:00 am

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run. 

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems. 

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run.

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems.

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_i0zd7HtluzY

A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems

Forensic Focus 21st June 2022 5:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...