EnCase App Central Delivers its 10,000th App

Guidance Software

EnCase App Central opened its virtual doors in early spring this year with the goal of providing functionality and efficiency to EnCase users by offering EnScripts, templates, and 3rd party Apps. After just a few months, driven by the power of the EnCase community and our 3rd party partners; App Central has become the primary source of efficiency-driving solutions for the tens of thousands of EnCase users worldwide.

Evidence Processor Performance Monitoring - Part II

Guidance Software

Feature Spotlight: Performance Test

In the last feature spotlight, I described the new Performance tab in EnCase Version 7.07. In particular, once you have visibility to the performance of Evidence Processor within EnCase, following questions quickly arise:
  1. What can I do to speed up Evidence Processor from a hardware perspective?
  2. When Evidence Processor is taking longer than expected, what kind of information can I share with Guidance?

Evidence Processor Performance Monitoring - Part I

Ken Mizota

Over the years, digital investigators using EnCase have become intimately familiar with EnCase status reporting for EnScripts and in recent years, Evidence Processor. Over the years, progress reporting in EnCase has more or less, looked like this:

How Does Integration Help You as an Investigator?

Lance Mueller

A new IEF/EnCase Processor Module will be available September 12th.

The IEF/EnCase Connector referenced in the Blog is available here
.

Let’s imagine I have been assigned to investigate case involving an employee who is suspected of posting threatening comments on a co-worker’s Facebook account (this could either be an internal employee misconduct or criminal investigation). The messages were sent yesterday.

Windows Resilient File System Forensics

Ken Mizota

In the fall of 2012, Microsoft made Windows Server 2012 generally available with a quietly announced feature: Resilient File System (ReFS). Of course, Microsoft does not roll out new file systems casually, and when they do, the ripple effects are generally felt slowly. NTFS has been generally available since Windows NT 3.1, released in 1993. If one runs a data center of any size, swapping out the underlying file system of critical or precious data is not a decision taken lightly. In large part, this justifies a general complacence in our field of digital forensics tools when considering how to deal with this new file system. Today, ReFS is a rare bird: investigators just don’t see it very often. We think that is going to begin to change later this year.