In our day-to-day operations, we use widely recognized and employed methods and practices of computer forensics, data recovery, and investigative praxis, and we adhere to the same standards that are currently followed by institutions like the US Federal Bureau of Investigations, the Central Intelligence Agency, the National Security Agency, the Interpol, EU’s Europol, UK’s Scotland Yard, the Security Service (MI5), and the Special Intelligence Service (MI6).
In the course of our forensic efforts, we employ software and tools from leading digital forensics brands like Guidance Software, AccessData, Wiebtech, Cellebrite, Paraben, and MD5.
We use practically the entire range of Tableau hardware write blockers, forensic bridges, duplicators, and imagers, especially the TD3. Tableau’s track record is flawless and their hardware allows us to quickly and effectively analyze media and devices seized by law enforcement personnel, and to collect and preserve any evidence we may find in the course of our investigation for use in court proceedings. We employ a wide range of WiebeTech’s hardware write blockers, forensic bridges and forensic field drive imaging kits.
EnCase’s Forensic suite is the most comprehensive digital forensic solution available on the market. Its popularity in computer forensics circles is the direct result of the suite’s broad capabilities and powerful features. EnCase software is the workhorse of digital forensics: it allows us acquire data from disk drives and RAM, documents, images, email, webmail, Internet artifacts, web history and cache, chat sessions, compressed files, backup files, encrypted files, RAID workstations, servers, as well as mine devices such as smartphones and tablets for relevant evidence.
AccessData’s Forensics Toolkit is another integrated digital investigation suite that allows us to create images, acquire and analyze a wide range of data types from multiple sources, ranging from hard drives to mobile devices, network data, and online storage. It also gives the capability to decrypt files and crack passwords.
We also use MD5’s Virtual Forensic Computing software, which allows us to boot seized machines in their natural environment, boot forensic images captured in the field or in the lab, and even work directly from a write-blocked hard drive.
The emergence of the smartphone as the pre-eminent tool of everyday communication has also led the increased use of mobile phones in criminal activity. We’re well equipped to handle all mobile forensics tasks that come our way. Cellebrite’s UFED suite, including its standalone hardware solutions and its vast array of investigation software, gives us extensive extraction and analysis capabilities, regardless of mobile platform or operating system. Complementing our mobile forensics capabilities is Paraben’s Device Seizure software. Its rich feature set includes extracting call log data, text messages and photos, deleted files, user passwords, and GPS data points, and a set of advanced parsers that facilitate the analysis of extracted data.