16 February 2012

[Tool] Forensic Toolkit 4




Forensic Toolkit 4 is now available! This major release is designed to deliver enterprise-class capabilities at a stand-alone price. Now, you can leverage the full functionality of AD Enterprise against a single live remote node. This means FTK users can conduct remote investigations to eliminate travel, reduce response times, and speed acquisitions… And organizations gain incident response capabilities that are so critical in securing networks. In addition to AD Enterprise functionality, FTK 4 users are able to integrate malware triage and visual analytics with two new FTK add-on modules: the industry-first Cerberus malware triage and analysis module and our new state-of-the-art Visualization solution.

FTK continues to be the most innovative solution on the market, as well as the best value, giving you integrated functionality that would normally cost tens of thousands of dollars. It’s time to learn the meaning of next-generation digital investigations.


Single-Node Enterprise
Install a persistent agent on a single computer to enable the remote analysis and incident response capabilities of AD Enterprise. Preview, acquire and analyze hard drive data, peripheral device data, RAM (Windows only) and volatile data on Windows®, Apple® OS, UNIX® and Linux® machines. Uninstall the agent at any time, and push it out to a different computer.


Expanded RAM Analysis
FTK 4 now provides VAD tree analysis. To see a full list of static RAM analysis capabilities

New File System/File Type Support
YAFFS and YAFFS2
Exchange 2010 EDB
7zip

Enhanced decryption support (with proper credentials)
Checkpoint Pointsec disk encryption
Sophos Safeguard Enterprise (latest version)
Multi-password capability

Increased processing performance, especially on systems with more than 8 cores.

New Regular Expression Support for Index Searching
FTK users can now search for advanced combinations of characters against the index.

Licensing
Added support for soft dongle licensing in virtual machines.

Add Integrated Malware Analysis with CERBERUS
Cerberus is a malware triage technology that is available as an add-on for FTK 4. The first step towards automated reverse engineering, Cerberus provides threat scores and disassembly analysis to determine both the behavior and intent of suspect binaries.

Add state-of-the-art data analytics with VISUALIZATION*
With our new visualization module you can view data in seconds in multiple display formats, including timelines, cluster graphs, pie charts and more.
