24 Jul 2024

Delivering crucial intelligence

Exterro FTK 8.1 Delivers Crucial Intelligence by Investigating Windows, Mobile and Mac Data on Unified Platform

Exterro has announced the launch of FTK 8.1, an award-winning, court-cited digital investigations solution built for speed, reliability, and ease of use and said to have the fastest scalable processing engine on the market.

The company says FTK 8.1 redefines mobile investigations with next-level data processing, the fastest and most collaborative review and analysis technology, near-native data reporting, and the most scalable remote Mac collection capabilities on the market.

Most notably, Exterro says FTK 8.1 offers a groundbreaking entity management solution that automatically groups all mobile and computer data by a single device user and then aggregates all their disparate usernames, accounts, and devices into a comprehensive view of their activity. With a clear picture of individuals’ most used applications, devices, and communication patterns, investigators can quickly uncover hidden patterns in complex datasets involving multiple individuals and come to conclusions faster. That evidence can then be seamlessly shared with outside reviewers on FTK Central’s web-based platform or via portable case, and evidence stories can easily be communicated via a new, fully customizable report builder that organizes artifacts and timelines into a clear narrative.

“Exterro brings 30 years of market experience and a bold, innovative approach to DFIR with FTK 8.1, making it the solution of choice for mobile, computer, and cloud data investigations,” said Harsh Behl, Vice President of Product Management, Forensic Solutions at Exterro.

“With these new enhancements, investigators can get to the most relevant facts of the case much faster, automatically identifying known aliases so they don’t have to spend hours connecting the dots and creating a comprehensive view of relationships and communication patterns. The key evidence can then be organized and communicated within a single report that embeds artifacts and timelines directly into the narrative. The result is a faster, more efficient, and more effective investigative process.”

For corporate clients conducting large-scale internal investigations, FTK 8.1 supports collection and remediation from the most diverse range of remote devices yet, including collection from a Mac endpoint that is off the corporate network or VPN. Users can also respond to incidents faster by performing rapid triage on compromised remote endpoints with FTK’s new targeted collection presets. It is now easier than ever to collect the most relevant information, analyse it in FTK, then respond at scale.

Exterro FTK 8.1 features allow users to:

Get the full picture of communication patterns in cases with innovative Entity Management technology

Easily communicate evidence stories with FTK’s fully customisable Lab-to-Court Report Builder

Investigate remote Mac users with Off-Network Mac Collection

Streamline mobile device review with FTK’s unified iOS + Android processing and artifact parsing tools

Better analyse chat app data with chat date filters, chat language translation, and visual support for in-line chat replies

Retrieve and display deleted and edited chat messages better than any other tool in the industry

Use cutting-edge AI for facial and image recognition during multimedia analysis

Perform rapid triage and targeted IR collections on compromised remote endpoints and gather insights faster with System Summary Collection

Orchestrate cybersecurity workflows by automatically preserving endpoint evidence upon detection of a cyber intrusion with Splunk integration

Share evidence with outside reviewers seamlessly with FTK Central’s web-based platform or a portable case

According to one European police agency during the pre-release launch of FTK 8.1, “FTK’s new entity management technology is a game changer. Once we confirm the owner of a device, our first step in an investigation is to determine who that person is, so we spend hours looking at whom they were talking to and how they were communicating. With entity management, we can immediately understand these communication patterns by seeing a bird’s eye view of all the device user’s conversations across all apps, versus the old way of trying to manually read thousands of chat threads one by one. This feature is going to be a total disruptor in our industry.”

Exterro FTK Forensics Toolkit is one part of Exterro’s comprehensive data risk management platform, which helps organisations set up effective data risk management strategies that align with strict data privacy laws, drive defensible outcomes, manage sensitive data, and mitigate risk. Exterro FTK 8.1 is available now.

Company info: Exterro