The Triage-Examiner Kit includes:
• One portable travel case
• One licensed authentication key
• One 32GB high-speed USB key
• One bootable CD
• One USB extension cable
• One teasing needle
• One portable flashlight
Forensic backlogs are a major problem today, and many forensic labs have drastically reduced backlogs by as much as 90% by implementing proven triage processes. Real-world forensic experience shows that 40% to 50% of all full forensic examinations return negative results. Full examinations can take weeks, whereas triage scans can take only hours to detect the same negative findings, thereby saving significant expense and time.
Triage-Examiner from ADF Solutions is deployed on a Triage key (a 32GB USB flash drive or USB hard drive) and does not require expensive computers or hardware components. Using predefined search profiles, the setup process can be done in two easy steps. The tool is completely automated and runs directly on the suspect computer with minimal user interaction. Triage-Examiner can also utilize the suspect computer to view the results in real time.
With the Triage-Examiner, you can find critical evidence in minutes. ADF forensic tools search the entire suspect drive in four categories and integrate unique technologies, including ActivitySensorTM that allow users to target high value files as quickly as possible. This technology is critical in scenarios where you have limited time to scan a computer.
When inserted into the suspect computer, Triage-Examiner automatically collects critical information and identifies valuable evidence. The collected data can be viewed immediately on the suspect computer or examined later for further analysis.
SearchPaks® use a patented process to capture and deploy powerful search or forensic intelligence. They can be easily configured by users to identify critical digital evidence, including search terms, hash values, image analysis, and regular expressions. The search can be narrowed on file properties including dates, file size, etc. Triage-Examiner also collects extensive system captures, including Internet search and browsing histories, browser map search history, USB device history, and most-used applications.
Comprehensive reporting capabilities are available with customizable Microsoft Word, HTML, or CSV reports that can easily be created for distribution.
When out in the field, it is critical that examiners have a simple, single tool that can extract intelligence from multiple devices and systems. Triage-Examiner was designed with this in mind and supports multiple operating platforms including Windows, Macintosh, and Linux.
Triage-Examiner is designed to scan computers with a single USB-based ADF license dongle and a separate generic (non-ADF) USB collection device. As a result, users can set up unlimited generic USB collection devices and leverage a single ADF license dongle to start simultaneous scans on multiple computers.
When examiners cannot risk losing valuable information by turning off a suspect computer, they need to be able to capture digital evidence from a running or live device. Triage-Examiner allows live analysis of computers running Windows that cannot be shut down, which minimizes the risk of losing valuable intelligence by capturing all volatile data, including memory from all 32-bit and 64-bit windows operating systems.
Triage-Examiner includes configurable file header definitions for file collection and unallocated space file carving. These key features give forensic examiners the highest confidence in the triage results.
SearchPaks® are encrypted and the permissions restricted to make it easy to disseminate to other examiners inside or outside the organization. The forensic triage community is actively sharing powerful SearchPaks, including those for indecent image detection, indecent keyword detection, registry collection, anti-forensic application detection, and encryption application detection.
Triage-Examiner includes advanced image-matching technology that bypasses the traditional hash value limitations for identifying altered and similar images, including those that have been deleted or found in Thumbs.db files. This technology has helped identify conclusive evidence without deploying time-consuming forensic resources.
When investigating sensitive cases, such as those of child exploitation, it is vital that all necessary evidence is viable in order to prosecute the offender. Digital triage provides a forensically sound strategy to get quick results while maintaining the integrity of the case and preserving all the collected files, including log records.
Call for special pricing. We offer bundled pricing when combined with our products!