How To Use Apple Pattern-of-Life Data In Your Investigations

BlackLight and APOLLO: How to Use Apple Pattern-of-Life Data in Your Investigations

BlackLight’s latest release, BlackLight 2019 R3, now has APOLLO framework built in as a plugin to make it even easier for investigators to get the most out of their data. Pattern-of-life data can be used in many types of investigations to get extremely detailed information from device users. What application was a user using three weeks ago? Where has the user been? Was the user walking, running, or sleeping at a given time? Was the user driving distracted, were they parked or moving? Querying and correlating the databases that keep track of these details can help examiners answer a myriad of investigative questions.- Overview of Pattern of Life
– Overview of APOLLO
– BlackLight Integration of APOLLO
– Pattern of Life Examples using BlackLight
– Application Usage
– Device Usage
– Health
– Location

Join BlackBag’s Senior Digital Forensics Researcher, Sarah Edwards, as we dive into this extremely detailed data to make the most out of your investigations.

Register here.

January 30, 2020
11am PST/2pm EST


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Can’t make it live? Register and an on-demand version will be sent upon completion.

About the Presenter:

Sarah Edwards, Senior Digital Forensics Researcher, BlackBag Technologies

Sarah is a Senior Digital Forensics Researcher at BlackBag Technologies working in the DC metro area specializing in Mac and Mobile Forensics. She has worked with various federal law enforcement agencies and has performed a variety of investigations including computer intrusions, criminal, and counter intelligence/terrorism/narcotics. Sarah’s research interests include anything and everything Apple related, mobile devices, digital profiling, and Mac and mobile device security. Sarah has presented at many industry security and forensic conferences and is the author/instructor of SANS FOR518 Mac Forensic Analysis and Incident Response.

About BlackBag Technologies:

BlackBag® Technologies offers innovative forensic acquisition and analysis tools for both Windows and macOS based computers, as well as iOS and Android mobile devices. Its forensic software is used by hundreds of federal, state, and local law enforcement agencies around the world, as well as by leading corporations and consultants, to investigate all types of digital evidence associated with both criminal, civil and internal investigations. BlackBag also develops and delivers expert forensics training and certification programs, designed for both novice and experienced forensics professionals. To learn more, visit www.blackbagtech.com.

Leave a Comment

Latest Videos

Digital Forensics News Round-Up, February 21 2024 #digitalforensics #dfir

Forensic Focus 21st February 2024 6:19 pm

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts. 

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director 
43:45 – Privacy of user data

Alan Platt, Professional Services Consultant at MSAB, discusses his experience as a former UK police officer working in digital forensics. He talks about the different levels of digital forensics capabilities within police forces and how MSAB products like XAMN and XEC Director are used by frontline officers versus lab analysts.

The discussion covers how MSAB partners with law enforcement to develop custom workflows for mobile device acquisitions that facilitate ISO compliance. Alan explains MSAB's managed service offering, where approved MSAB staff can remotely access a customer's XEC Director server to assist with software updates and troubleshooting. He emphasizes the strict data segregation policies enforced by customers to prevent MSAB from accessing any sensitive case data.

Looking ahead, Alan mentions MSAB's new CEO and hints at some exciting developments coming down the pipeline. He spotlights recent enhancements to XEC Director's speed and database functionality for managing large estates of networked Kiosks. Alan also plugs the new XEC Director training he created to help users fully leverage the platform's capabilities.

00:00 – Introduction to Alan Platt
07:00 – Training
12:00 – Workflows
17:20 – Ensuring a secure environment
19:45 – Customer training
20:35 – Helping customers comply with ISO accreditation
25:00 – Validation and verification
27:30 – ISO standards
30:00 – MSAB’s pipeline plans
32:40 – XEC Director
43:45 – Privacy of user data

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_ifoHVkjJtRc

How MSAB Is Managing The Digital Forensics Challenges Of Frontline Policing

Forensic Focus 21st February 2024 3:07 pm

Podcast Ep. 80 Recap: Empowering Law Enforcement With Nick Harvey From Cellebrite

Forensic Focus 20th February 2024 11:49 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles