|
AD
Triage is an easy-to-use forensically sound triage tool for
the on-scene preview and acquisition of computers that are
live or have been shut down. Built on FTK technology, AD
Triage is ideal for users who are inexperienced with
computer forensics software, but need to preserve evidence
in the field. Now, forensic examiners and non-forensic
personnel alike can acquire volatile and all or targeted
hard drive data from a system in just minutes. It�s a
great option for corporate and government teams who often
need to acquire data from live or dead boxes for internal
investigations, FOIA or even subpoenas. Law enforcement
officers can preserve evidence securely without having to
wait hours for a forensics expert to arrive on scene.
Finally, attorneys, paralegals and litigation support
personnel can easily preserve ESI for the purposes of
e-discovery when handling smaller legal matters.
Using
AD Triage you can preview the file system and target data by
criteria, including keyword(s), hash, regular expression,
file size, date and time, extensions, file path and illicit
images. In addition, users can collect network and system
information, as well as live memory. It allows you to
acquire the full disk, a volume, or peripheral devices,
saving data to a USB device, an external hard drive and
export the data to a designated location on the same
network. You can preconfigure your AD Triage device to
automatically acquire only the data you�ve selected,
allowing inexperienced users to safely and effectively use
the tool. Or experienced forensic examiners can use AD
Triage in manual mode for true triage at the scene.
|
