"Belkasoft becomes a truly DFIR tool covering mobile, computer, memory, cloud and remote forensics, as well as incident response"—says Yuri Gubanov, CEO of Belkasoft.
PALO ALTO, Calif. (PRWEB) July 10, 2019
Searching for, locating and analyzing evidence is a major function of Belkasoft Evidence Center. The searching that was used for years has been replaced with a brand-new and completely reworked engine. Meet ElasticSearch, one of the most powerful indexing engines in existence! ElasticSearch makes the indexing process faster with a much smoother searching experience thanks to multi-threaded access to the index. The new engine makes searching so much more powerful by supporting regular expressions. Finally, ElasticSearch allows using third-party tools and plugins to examine evidence.
iPhone Acquisition and Analysis
Belkasoft Evidence Center 9.6 improves the acquisition and analysis of iOS devices by adding support for local pairing records. Pairing records, or lockdown files, are created on the user’s computer once the user pairs their iPhone or iPad device. Once paired, the device is authorized to exchange information with that computer. Investigators benefit from using lockdown records by being able to access the content of paired iOS devices even if the device’s screen is locked with an unknown passcode. Belkasoft Evidence Center 9.6 supports lockdown records created by both stand-alone and Microsoft Store versions of Apple iTunes.
Belkasoft Evidence Center 9.6 adds support for volumes encrypted with Apple FileVault, the company’s default encryption algorithm for macOS computers. In addition, the tool can now decrypt data stored in flat and nested crypto-containers such as Apple FileVault, Microsoft BitLocker and McAfee Endpoint Security (requires Decryption module and a known password). The ability to access nested encrypted volumes can be vital for many types of investigations.
Enhanced Remote Acquisition
The previous version of Belkasoft Evidence Center introduced Remote Acquisition, a major new feature to enable IT security personnel investigate incidents without leaving premises. The current release enhances and improves Remote Acquisition by adding NAT traverse and remote agent port configuration. The updated Remote Acquisition engine can now collect more evidence by extracting a number of remote artifacts.
Other Improvements and Enhancements
Belkasoft Evidence Center 9.6 offers numerous performance and usability enhancements, massively improved remote acquisition and the ability to decrypt nested crypto-containers. More information about what’s new and updated in version 9.6 is available at https://belkasoft.com/new
About Belkasoft Evidence Center
Belkasoft Evidence Center is a world-renowned tool used by thousands of customers for conducting mobile, computer, RAM, cloud and remote forensic investigations. Belkasoft Evidence Center can automatically acquire digital devices; discover, extract and analyze evidence from a wide range of sources including mobile backups and dumps, computer hard drives and disk images in all popular formats, and memory dumps. The tool can capture and analyze volatile evidence stored in the computer’s RAM, identify encrypted files, carve Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos. The ability to process office documents in a wide range of formats enables investigators to perform near-instant full-text search among all the documents discovered on the suspect’s PC.
Low-level access to hard disk and system structures means that even data that has been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux, Android and macOS file systems, natively mounting images created in EnCase, FTK, X-Ways, DD and SMART formats, GrayKey, UFED and OFB images, JTAG and chip-off binary dumps, and many popular virtual machines without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.
Pricing and Availability
Existing customers with non-expired Software Maintenance and Support contracts can update to version 9.5 free of charge. Incident Investigations, Remote Acquisition and Cross-Case Search modules can be purchased separately.
Founded in 2002, Belkasoft is a global leader in digital forensics technology, known for their sound and comprehensive forensic tools. With a team of professionals in digital forensics, data recovery and reverse engineering, Belkasoft focuses on creating technologically advanced yet easy-to-use products for investigators and forensic experts to make their work easier, faster, and more effective.
With this focus in mind, Belkasoft introduces their flagship product, Belkasoft Evidence Center—an easy-to-use, integrated solution for collecting and analyzing digital evidence from mobile and computer devices. Customers in law enforcement, police, military, business, intelligence agencies, and forensic laboratories in 130+ countries worldwide use Belkasoft products to fight homicide, crimes against children, drug trafficking, data leakage, fraud, and other online and offline crimes.
More information about the company and its products at https://belkasoft.com
Information on Belkasoft Evidence Center as well as the free demo download are available at https://belkasoft.com/get
The complete list of additions and enhancements in the current release is available at https://belkasoft.com/new