In Brief
Digital Forensics Software: The Usual Suspects
The four key players in digital forensics software: Guidance, AccessData, Paraben and Technology Pathways
By Mary Brandel
June 04, 2008 — For expert advice on evaluating, implementing and using these tools, see Rules of Evidence - Digital Forensics Tools.
Guidance Software's EnCase
Considered the Cadillac of digital forensics tools, EnCase is the clear market leader in digital forensics, with 26,000 users of its single-workstation version and over 300 users of EnCase Enterprise, which works over the network. While widely accepted, it has also been criticized for being unintuitive and complex. The latest version adds a full-text indexing engine, a native file viewer and expanded e-mail support. EnCase is more expensive than other options, starting at $25,000.
AccessData's Forensics Toolkit
With its release in January 2008 of an enterprise version, AccessData is looking to directly compete with Guidance, with the claim of being easier to learn and use, especially with the help of wizards for data acquisition, filtering, case management and reporting. AD Enterprise contains all the capabilities of its single-workstation product FTK 2.0, but it adds an Oracle back end, allowing for advanced data correlation and reporting.
Paraben Corp. P2
Paraben provides single-workstation toolkits, as well as a suite that enables remote monitoring over the network. Although it has an extensive tool suite, it has not caught on in the industry as well as the EnCase and AccessData products. Its major distinction is its support for handhelds (PDAs running the Palm OS, Windows CE/Pocket PC/Mobile 4.x, BlackBerry and Symbian) as well as cell phones and global positioning system devices.
Technology Pathways' ProDiscover Technology
Pathways was one of the first to offer a remote forensics capability, but according to users, the tool does not scale as well as AccessData and Encase. Users call ProDiscover a powerful evidence-collecting toolset, but other suites offer a fuller set of capabilities outside of investigate inquiries, such as HR compliance reviews.
Other stories by Mary Brandel
Digital Forensics Tools
Log Management in a Cyber World
With so many potential cyber villains poking around the gates, enterprises must have strong protections and pristine visibility into what's happening on the network. Explore the increasing importance of log management as cybercrime and other malicious threats grow.
Comparing Research in Motion and Microsoft Mobile Solutions
Organizations must look carefully at the requirements of mobile devices and accompanying middleware that can increase cost, complexity and administrative overhead. This white paper provides an independent analysis and detailed comparison of RIM and Microsoft's mobile solution.
- Continuous PCI Compliance and Security with Tripwire Solutions
- The Pursuit of a Standardized Solution for Secure Enterprise RBAC
- Building a Secure and Compliant Windows Desktop
- Root Access Risk Control for the Enterprise
- Demystifying IT Risk to Achieve Greater Security & Compliance
- Cyber Crime: A Clear and Present Danger
Stay current with insightful news and analysis on information security, business continuity, identity and access management, loss prevention and more with CSO newsletters!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
