Digital forensic evidence is playing a larger role in determining the guilt or innocence of defendants in both civil and criminal matters. As technology captures movement, messages, photos, and the vast majority of what is done on laptops, smartphones, and tablets, it’s increasingly difficult for criminals to cover their digital tracks.
Digital Forensic Investigators’ Skills are Critical as Investigations Grow More Complex
Digital forensic evidence is playing a larger role in determining the guilt or innocence of defendants in both civil and criminal matters. As technology captures movement, messages, photos, and the vast majority of what is done on laptops, smartphones, and tablets, it’s increasingly difficult for criminals to cover their digital tracks.
- On: 4/10/2014
- No comments
-
- Categories: EnCase Forensic , kudos
Part 2 - So much evidence, so many artifacts, so little time…
In my last post, I summarized a handful of apps that are useful to search and explore your case, and apps that help with malware investigations. For latest updates on apps go to EnCase App central directly, or follow us on twitter @EnCase.
Without further ado, here are some more apps that we hope can help you make your case:
- On: 4/09/2014
- No comments
-
- Categories: EnCase App Central , Integration , iOS , Mac OS X , RegRipper , SysTools
Part 1 - So much evidence, so many artifacts, so little time…
I’ve recently taken to tweeting about some of the latest additions to EnCase App Central and it’s been a reminder of the impressive ingenuity and dedication within the digital investigations community. Our humble app store has grown to house over 100 solutions, extending and increasing the efficiency and efficacy of digital investigations. At Guidance Software, we take pride in shipping software that helps investigators find more evidence, faster and we see EnCase App Central as a key component of EnCase.
- On: 4/07/2014
- No comments
-
EnScript Changes From EnCase Version 6 to Version 7
You may know that Version 6 of EnCase keeps the majority of data in memory, which gives you fast access to the evidence items in a case, but is not conducive to handling large data sets. In addition, keeping most data in memory requires that records and entries be handled separately.
EnCase Version 7 behaves in a similar way to a database in that working through multiple evidence items is accomplished using an iterator. This makes for more stable processing and allows the EnScript programmer to handle both entries and records in a more streamlined way. It is possible, for instance, to iterate through all of the evidence items in a case (entries and e-mail attachments, for instance), quickly identifying those items that are pictures or documents.
EnCase Version 7 behaves in a similar way to a database in that working through multiple evidence items is accomplished using an iterator. This makes for more stable processing and allows the EnScript programmer to handle both entries and records in a more streamlined way. It is possible, for instance, to iterate through all of the evidence items in a case (entries and e-mail attachments, for instance), quickly identifying those items that are pictures or documents.
- On: 4/02/2014
- No comments
-
- Categories: EnScript
Brand New & Improved Volatility Reporting Plugin
Over the past couple of years the Guidance Software EnCase consultants and trainers have provided advice and assistance concerning how to manage the digital artifacts from RAM or memory analysis when using Volatility as their tool of choice. The two blog posts below provide insight into the progress.
- On: 3/26/2014
- No comments
-
- Categories: EnCase App Central , Integration , Memory Analysis , Volatility
