Quantcast

Belkasoft Evidence Center 6.2 Enables Forensic Analysis of Windows Event Log, Chip-Off Analysis of Mobile Devices

April 2, 2014

A major update to the company's flagship forensic product, Belkasoft Evidence Center 2014, enables forensic support for Windows Event Log, implements analysis of chip-off binary dumps acquired from many types of mobile devices, and enhances Mac OS X support with more carving options.

St. Petersburg, Russia (PRWEB) April 02, 2014

Belkasoft announces a major update to its flagship forensic product, Belkasoft Evidence Center 2014. Version 6.2 adds forensic support for Windows Event Log, an essential source of data available in all Windows systems, and implements forensic analysis of chip-off binary dumps acquired from many types of mobile devices. Mac OS X support is extended with more carving options. In addition, the new release features general performance improvements, enhanced reporting and extended application support.

Forensic Analysis of Windows Event Log

Windows Event Logs are an extremely important source of information. The logs contain records about events generated by Windows application and the operating system itself. The logs contain evidence about applications being installed and uninstalled, Windows sessions, security-related events, information about launching and using many individual applications and system services.

Version 6.2 of Belkasoft Evidence Center implements forensic support for Windows Event Logs, enabling investigators to discover, search and analyze information contained in event log files generated by Windows systems.

The support for Event Log forensics improves investigations and extends available evidence by including user activities and system events recorded in the Event Log. When displayed in the Timeline, information from the Event Log provides a greater outlook of user activities, application and system events occurring on the computer during the period being investigated.

Chip-Off Forensics

Chip-off is an advanced acquisition technique involving the physical removal of flash memory chips from mobile devices being acquired, with subsequent extraction of raw data. Chip-off acquisition is generally used when software-based acquisition techniques are no longer possible due to hardware damage or security-based access restrictions. By using specialized equipment, chip-off acquisition extracts a complete physical image of the device.

Belkasoft Evidence Center 6.2 introduces support for binary dumps obtained with chip-off acquisition, enabling investigators to discover evidence contained in binary dump files acquired with hardware-based techniques. Chip-off analysis helps investigators extract a wide range of artifacts such as calls, application data, SQLite databases, and much more.

Other Improvements and Enhancements

In version 6.2, Belkasoft Evidence Center enhances Mac OS X analysis, enabling the discovery and analysis of EML, EMLX, Firefox, Safari applications and enabling carving of deleted data for images, Adium, AIM, Firefox, Safari, iChat, and Fire IM.

Numerous new applications are supported including ICQ 8.2, Mail.Ru 6.2, Mail.Ru for Windows 8, Gmail offline. Enhanced reporting, general stability and performance enhancements and improved EnCase integration are also included.

Numerous performance and usability enhancements are incorporated in this release. More information about what’s been updated in version 6.2 is available at http://belkasoft.com/bec/en/Whats_New_In_Version_6.2

About Belkasoft Evidence Center 2014

Belkasoft Evidence Center is the company’s flagship computer forensic tool enabling security experts and forensic specialists collect and analyze more digital evidence than ever. Belkasoft Evidence Center can automatically locate, process and analyze volatile evidence stored in the computer’s RAM, identify encrypted files, carve Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos. The ability to process office documents in a wide range of formats enables investigators to perform near-instant full-text search among all the documents discovered on the suspect’s PC.

Low-level access to hard disk and system structures means that even data that’s been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux, Android and Mac OS X file systems, natively mounting images created in EnCase, DD and SMART formats, UFED and chip-off binary dumps, FTK images and many popular virtual machines without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.

Pricing and Availability

Belkasoft Evidence Center 2014 is available immediately. Pricing for Evidence Center Chat Analyzer edition starts from $199.95, while the Ultimate edition is available from $1099.95. There are two editions in between.

About Belkasoft

Founded in 2002, Belkasoft is a computer forensics software manufacturer. Belkasoft products back the company’s "Forensics made easier" slogan, offering IT security experts and forensic investigators solutions that work right out of the box, without requiring a steep learning curve or any specific skills to operate.

Belkasoft Evidence Center 2014 is a world renowned tool used by thousands of customers for conducting forensic investigations, as well as for law enforcement, intelligence and corporate security applications. Belkasoft customers include government and private organizations in more than 60 countries, including the FBI, US Army, DHS, police departments in Germany, Norway, Australia and New Zealand, PricewaterhouseCoopers, and Ernst & Young.

Belkasoft D-U-N-S number 683524694.

Belkasoft NATO Commercial and Government Entity (NCAGE, also CAGE) code SKF09.

Belkasoft is also registered within Central Contractor Registration (CCR), ORCA and WAWF.

Belkasoft is a registered trademark.

More information about the company and its products at http://belkasoft.com

# # #

Information on Belkasoft Evidence Center as well as the free demo download are available at http://belkasoft.com/get

The complete list of additions and enhancements in version 6.2 is available at http://belkasoft.com/bec/en/Whats_New_In_Version_6.2

For the original version on PRWeb visit: http://www.prweb.com/releases/2014/04/prweb11718784.htm


Source: prweb



comments powered by Disqus