BlackLight 2019 R2 is packed full of powerful features you need to complete your investigations more quickly. This release includes new methods to find and export data how and where you need it. From partnerships to connect BlackLight with other tools in your toolkit, to expanded searching capabilities and long requested enhancements – let BlackBag experts walk you through what’s new in this on-demand webinar.This on-demand webinar covers how and why you’ll want to use these new features on your next case:
1. Archive File Processing
2. Additional Smart Indexing Capabilities
3. APOLLO Support
4. Berla iVe Support
5. Updates to Export Features
Join BlackBag’s Vice President of Engineering, Drew Fahey, and Director of Product Management, Ashley Hernandez, for this fast-paced overview of the new features in BlackLight 2019 R2.
Archive File Processing
Archive files can be processed in BlackLight either individually or across an entire volume or device. BlackLight now processes the following archive file types: zip, gz, 7z, tar, and rar. Archives are expanded down to two levels of nested archives.
Process Archives appears as an evidence ingestion option. When the Process Archives option is chosen, all of the archive files on the volume or device selected will be expanded and stored in the BlackLight case files. The data in the expanded archives will be available for other processes run during ingestion (File Signature Analysis, Picture Analysis, Hash Calculation, Smart Indexing, etc.).
Plugin Manager – APOLLO Support
Continuing to expand our ability to integrate with forensic resources, BlackLight now has a Plugin Manager. At this time, the Plugin Manager provides a way to integrate Apple Pattern of Life Lazy Output’er (APOLLO) into BlackLight.
APOLLO, written by Sarah Edwards, is a script which runs a series of queries against the SQLite databases on iOS® and macOS devices. APOLLO’s power is in the SQL queries, each query designed to look at specific iOS data. The queries are categorized by function and stored in text files. APOLLO aims to easily correlate multiple databases with hundreds of thousands of records in order to determine what has happened on the device. For more information on APOLLO, Sarah Edwards has a series of blog posts at https://www.mac4n6.com/blog/.
Berla iVe Support
Working with the Berla Corp, BlackLight is now capable of importing data exported from Berla iVe. Berla Corp is the industry leader in vehicle forensics. Vehicle computers contain a large amount of data useful during an investigation. Data such as routes, vehicle events, location data, connected device, and media can all be contained in computers in a vehicle. Once the data is acquired using the Berla iVe ecosystem, it is then imported into Berla’s iVe forensic software. Berla Corp has added an option in iVe Desktop to export data to a .ivx database for import into BlackLight. BlackLight ingests the .ivx database and processes the data.
In our continued efforts to empower law enforcement and government agencies worldwide to combat the child exploitation epidemic, BlackLight now provides integration with Semantics21 (S21). Semantics21 provides the LASERi suite of tools to examine pictures, animations, and videos. Once images are brought into the tool, they can be categorized into generic categories numbered 0-9 based on users’ preferences.
New Threat Categories Identified in Media
Image Analyzer Threat Categories have been updated in BlackLight 2019 R2. Threat Categories now include:
• Child Sexual Abuse Material (CSAM)
To learn more about these features and additional enhancements, click here.
To learn more about BlackLight, request a quote, request a trial, or renew your license, click here.
About BlackBag Technologies:
BlackBag® Technologies offers innovative forensic acquisition and analysis tools for both Windows and macOS based computers, as well as iOS and Android mobile devices. Its forensic software is used by hundreds of federal, state, and local law enforcement agencies around the world, as well as by leading corporations and consultants, to investigate all types of digital evidence associated with both criminal, civil and internal investigations. BlackBag® Technologies also develops and delivers expert forensics training and certification programs, designed for both novice and experienced forensics professionals. To learn more, visit www.blackbagtech.com.