From cyber-crime to insider trading, digital investigators are increasingly being asked to



Yüklə 17,01 Kb.
Pdf görüntüsü
tarix08.10.2017
ölçüsü17,01 Kb.
#4016


From cyber-crime to insider trading, digital investigators are increasingly being asked to 

handle investigations of all kinds often involving multiple people located across multiple 

offices and geographic regions. Built on the same technology as EnCase Forensic and 

deployed on more than 20 million endpoints, EnCase Endpoint Investigator - External 

Investigations is helping numerous law-enforcement and government agencies as well 

as 65 of the Fortune 100 do just that every day.



Why Upgrade to EnCase Endpoint Investigator - External Investigations from  

EnCase Forensic?

Forensic investigators around the world trust EnCase Endpoint Investigator -  

External Investigations to: 

•  Investigate computers remotely from an Examiner machine

•  Conduct investigations on multiple computers simultaneously

•  Preview and collect data discreetly and in a forensically sound manner

•  Perform investigations securely and with a detailed audit trail

The Most Powerful and Easy-To-Use Remote Investigations Solution

Easily installed in about an hour, EnCase Endpoint Investigator - External Investigations 

gives your team everything you need to immediately and thoroughly search, collect,  

preserve, analyze, and report on data from servers and endpoints anywhere on a network 

from one or multiple Examiner machines—without user disruption or system downtime. 

UPGRADE YOUR INVESTIGATIVE 

POWER WITH ENCASE

®

  



ENDPOINT INVESTIGATOR -  

EXTERNAL INVESTIGATIONS

Laptops

Examiner


Concurrent

Connection

Concurrent

Connection

User Authentication

Concurrent

Connection

Servers


SAFE

Desktops


Features

•  Affordable price for 

industry-leading technology

•  Broad support of major 

operating systems and  

file systems

•  Easy, scalable deployment 

of servlets to as many target 

machines as needed

•  Enables RAM or volatile 

data searches

•  Can search unallocated 

space for deleted data

•  SAFE operates on standard 

laptop or desktop system

•  Requires no expensive 

back-end database



With EnCase Endpoint Investigator - External Investigations, you can readily:

•  Preview and collect data from multiple machines simultaneously

•  Search multiple machines simultaneously using Sweep Enterprise  

functionality

•  Conduct investigations discreetly, without alerting users

•  Capture volatile artifacts only in live RAM with snapshot functionality

•  Manage investigations and access through SAFE

•  Document investigations with audit trail 



Efficiently Capture Potential Evidence from Volatile Data

The Snapshot feature in EnCase Endpoint Investigator - External Investigations gives 

you the ability to readily capture and analyze volatile artifacts only resident in live 

RAM from target machines—even from multiple target computers simultaneously. 

This unparalleled visibility accelerates the identification of anomalies, which can be 

critical when investigating computer security incidents. Snapshot quickly captures  

volatile data to reveal details about open ports, running processes, and other  

crucial information.



Simplify Management of Multiple Cases

EnCase Endpoint Investigator - External Investigations is geared for the busy investigator, 

offering you the most powerful case-management features on the market. 

With EnCase Endpoint Investigator - External Investigations, you can:

•  Share Findings: Make case information viewable by more than one investigator 

at a time.

•  Manage Cases Concurrently: EnCase Endpoint Investigator - External  

Investigations lets you review data from more than one case at a time,  

simplifying case-comparison analysis functions like keyword searches, 

search hits review, etc.

•  Automate Processing and Indexing: Spend more time analyzing and less 

time on processing and indexing.

Key Differences between EnCase Forensic and 

EnCase Endpoint Investigator - External Investigations

Concurrent case management views enable 

greater speed and efficiency.

About Guidance Software (NASDAQ: GUID) 

We exist to turn chaos and the unknown into order and the known—so that companies and their customers can go about their daily lives as usual 

without worry or disruption, knowing their most valuable information is safe and secure. Makers of EnCase®, the gold standard in digital investigations 

and endpoint data security, Guidance provides field-tested and court-proven applications that have been deployed on an estimated 25 million 

endpoints and work in concert with several other leading enterprise technologies.

Guidance Software®, EnCase®, EnCE™, and EnCEP™ are trademarks owned by Guidance Software and may not be used without prior written permission. All other 

trademarks and copyrights are the property of their respective owners.

Capability

EnCase 

Forensic

EnCase 

Endpoint 

Investigator

Remote forensics: One connection at a time

Yes

Yes


Remote forensics: Multiple concurrent connections

No

Yes



Quickly sweep ranges of devices

No

Yes



Centralized user account management

No

Yes



Comprehensive audit capability

No

Yes



Robust “Check-in” connectivity support (VPN user, mobile user)

No

Yes



Yüklə 17,01 Kb.

Dostları ilə paylaş:




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©www.genderi.org 2024
rəhbərliyinə müraciət

    Ana səhifə