|
Digital forensics is
computer-based investigations and analysis techniques to identify,
examine and preserve potential electronic evidence so that it
remains admissible in a court of law.
To address digital forensics
needs, Carolina Advanced Digital offers provides products and
services based on the EnCase software. EnCase software and
professional services are available through Carolina Advanced
Digital.
Advanced Digital Forensics by
Carolina Advanced Digital can investigate cell phone data and
single-PC analysis to investigation of network intrusions. After
an attack, network forensics can identify point of entry, method
of access, damage reports and security recommendations to prevent
future attacks.
Services include
investigation of networks and digital media, including:
- Computers
- Hard disks
- PDAs
- Mobile Phones
Top
The Advanced Digital
Forensics division provides forensic examinations of digital and
computer media to customers including:
- Criminal Prosecutors
- Private Investigators
- Business
- Government Agencies
- Law Enforcement
- Attorneys
- Financial Institutions
- Civil Litigators
Digital forensics may be
needed to examine evidence in criminal and civil cases, including:
- Theft of intellectual
property and/or data
- Corporate HR, including
harassment, policy violations, termination conflicts
- Investigation of external
threats
- Suspicious activities
- Corporate Espionage
- Fraud & embezzlement
- Family law and domestic
issues
- Electronic sabotage
- Electronic document
destruction
- Criminal investigations
Top
- Preservation and authentication
of electronic evidence
- Analysis of computer hard
drives and other electronic media
- Recovery of deleted files,
partitions, formatted drives
- Arbitration support
- Internet investigations
- Expert witness testimony
Top
Incident Response
Options. You have the option to contract services as
needed for forensic investigations after network intrusions and/or
human resources issues.
File System Support. Windows FAT12, FAT16, FAT32,
NTFS, Macintosh HFS, HFS+, Sun Solaris UFS, Linux EXT2/3, Reiser,
BSD FFS, Palm, TiVo Series One and Two, AIX JFS, CDFS, Joliet,
DVD, UDF and ISO 9660. EnCase uniquely supports the imaging and
analysis of RAID arrays, including hardware and software RAIDs.
The EnCase® Evidence File. A proprietary file
created to compress and preserve bitstream images of acquired
media. The EnCase Evidence File is widely known throughout the law
enforcement and computer security industry, and it has been court
accepted to the federal appellate level.
View "Deleted" Files and Other Unallocated Data in Context.
Windows Explorer-type view of deleted and unallocated data. This
includes file slack, swap files, print spooler data and all other
unallocated data files.
Encrypted Volumes and Hard Drive Encryption. Analyze
and acquire mounted encrypted volumes like PGP and DriveCrypt and
give examiners full access to data on hard drives that are wrapped
with encryption technology, such as SafeBoot.
Link File Examination. Gives the examiner valuable
information, such as learning that a suspect is transporting
company data onto a thumb drive or external media, or what files,
applications and shares the suspect commonly used.
Log and Event File Analysis. Provides a single means
to analyze, search and document log and event file data.
Proximity Search. This feature searches through all
files in a case for a specific keyword and returns the responsive
documents with the keyword and a specified number of bytes
surrounding it. This is a critical function when trying to add
context around the information you are searching for.
Internet and Email Search. This feature will find,
parse, analyze and display various types of Internet and email
artifacts across machines. The Internet and email search finds
mail formats such as Hotmail, Outlook, LotusNotes, Yahoo, AOL,
Netscape, mbox, Outlook Express and Internet artifacts from
Internet Explorer, Mozilla, Opera and Safari.
Documentation & Reporting. Lets you define with
detailed granularity what information is presented and how it is
presented, depending on the purpose and target audience of the
investigation. Almost all information revealed by EnCase Forensic
can be exported into various file formats for external reporting
and analysis purposes.
Email Analysis. Find, parse, analyze, display and
document various types of email formats, including Outlook PSTs/OSTs
(‘97–’03), Outlook Express DBXs, Lotus Notes; webmail such as
Yahoo, Hotmail, Netscape Mail; UNIX mbox files like those used by
Mac OS X; Netscape; Firefox; UNIX email applications; and, AOL 6,
7, 8, 9. EnCase Forensic can display deleted emails, notes,
contacts and calendar entries for PSTs and OSTs, as well as copy/unerase
email messages to popular message formats for external reviews.
Browser History Analysis. Powerful and selective
search capabilities for Internet artifacts that can be done by
device, browser type or user. Automatically parse, analyze and
display various types of Internet and Windows history artifacts
logged when websites or file directories are accessed through
supported browsers, including Internet Explorer, Mozilla, Opera
and Safari.
Top
For more information please
contact:
Jeff Griffin
Forensics Services Manager
Advanced Digital Forensics by CAD
919.663.2211 x108
jeff@cadinc.com
|
