Showing posts with label Internet Evidence Finder. Show all posts
Showing posts with label Internet Evidence Finder. Show all posts

Top 6 Reasons to Use EnCase and IEF Together

Jamie McQuaid, Magnet Forensics

As a forensic examiner, you rely on a variety of tools to conduct your investigations. The types and needs of every case vary, often making it necessary to use more than one tool to find what you’re looking for. Depending on the scenario, investigators need to use the tools that will enable them to work through cases thoroughly and efficiently.

A lot of investigators are using EnCase®, by Guidance Software, as their primary forensic suite. EnCase is a great tool because it’s versatile and can recover data in almost any type of investigation you are working with. Whether it’s a network intrusion, malware outbreak, missing persons, child exploitation, or IP theft case, EnCase enables investigators to examine many types of computers and media.

So many artifacts, so little time… Summer edition

Ken Mizota

EnCase is an extensible digital investigation platform. Simply put, extensibility reduces time and effort for the investigator. One way to validate this claim for yourself is to take a look at the depth and breadth of the ways EnCase can work with existing tools in your kit. For example: Do you already own Magnet Forensic's IEF? IEF and EnCase work together to reduce work for investigators. Have you considered how to integrate threat intelligence into your DFIR regimen? EnCase and Cisco Security (formerly ThreatGRID) collaborate to reduce IR time and effort. Let’s walk through a few ways extensibility works in your favor.

3 Ways to Make IEF and EnCase Work Better Together

Jamie McQuaid, EnCE, Magnet Forensics

As forensic examiners we all use a variety of tools to conduct our investigations. Because the types and needs of every case vary, so must the tools that support them. We all have our favorites but typically an investigator’s toolbox will be filled with a variety of tools to assist with every scenario we encounter.

Investigators are always taught to use the best tool for the job and to work through cases thoroughly and efficiently. Internet Evidence Finder (IEF) has become a valuable tool for those of us working on cases requiring the analysis of Internet evidence and large volumes of data. IEF is specifically developed to intelligently recover Internet related artifacts from Windows, Mac, Linux, iOS, and Android devices enabling investigators to analyze large amounts of case data quickly and efficiently.

Part 1 - So much evidence, so many artifacts, so little time…

Ken Mizota

I’ve recently taken to tweeting about some of the latest additions to EnCase App Central and it’s been a reminder of the impressive ingenuity and dedication within the digital investigations community. Our humble app store has grown to house over 100 solutions, extending and increasing the efficiency and efficacy of digital investigations. At Guidance Software, we take pride in shipping software that helps investigators find more evidence, faster and we see EnCase App Central as a key component of EnCase.

Working more efficiently with Internet Evidence Finder and EnCase Forensic

Jamie McQuaid
Forensics Consultant, Magnet Forensics

Forensic investigators understand that one of the biggest challenges to their cases is time management. As examiners, we would love to spend three months or more on a single case without any other distractions to ensure that every stone is overturned and every detail met with precision, but this is not the reality. Caseloads continually grow far beyond what one person or team can handle and we require the proper processes and tools to manage these cases quickly and efficiently without compromising quality.

IEF Evidence Processor Module for EnCase v7

Lance Mueller

Magnet Forensics has released the Internet Evidence FinderTM (IEF) Evidence Processor Module for EnCase v7. The IEF Evidence Processor Module for EnCase v7 is designed to assist digital investigators with their workflow by allowing them to run Internet Evidence Finder (IEF) from within EnCase, without the need to start IEF separately and point to the same evidence files you already have loaded in EnCase.

How Does Integration Help You as an Investigator?

Lance Mueller

A new IEF/EnCase Processor Module will be available September 12th.

The IEF/EnCase Connector referenced in the Blog is available here
.

Let’s imagine I have been assigned to investigate case involving an employee who is suspected of posting threatening comments on a co-worker’s Facebook account (this could either be an internal employee misconduct or criminal investigation). The messages were sent yesterday.