Using EnCase with the Latest Release of Belkasoft Evidence Center

Yuri Gubanov, Belkasoft

Belkasoft has just updated its digital forensics suite, Belkasoft Evidence Center, making the tool a true, all-in-one forensic solution. When seamlessly integrated with EnCase, the two tools can cover nearly every digital forensic need. Belkasoft Evidence Center helps you jump-start investigations by automatically discovering evidence gathered from many different sources.

In its biggest update in two years, Belkasoft has done more than learn a few new tricks. It now extracts and analyzes evidence from pretty much any data source you can imagine. Hard drives and drive images with Windows, Linux, Ubuntu, and many other operating systems; smartphone backups in all popular formats; UFED images and chip-off dumps; live memory dumps; and many virtual machines can be scanned for available evidence. This major update turns Belkasoft Evidence Center into a true, all-in-one digital forensic tool.

We added several new modules to bring about these changes.

Top 6 Reasons to Use EnCase and IEF Together

Jamie McQuaid, Magnet Forensics

As a forensic examiner, you rely on a variety of tools to conduct your investigations. The types and needs of every case vary, often making it necessary to use more than one tool to find what you’re looking for. Depending on the scenario, investigators need to use the tools that will enable them to work through cases thoroughly and efficiently.

A lot of investigators are using EnCase®, by Guidance Software, as their primary forensic suite. EnCase is a great tool because it’s versatile and can recover data in almost any type of investigation you are working with. Whether it’s a network intrusion, malware outbreak, missing persons, child exploitation, or IP theft case, EnCase enables investigators to examine many types of computers and media.

Forensic Focus Review: Guidance Software EnCase Training Computer Forensics I Course in Slough, U.K.

Scar de Courcier

During the first week of December 2014, Guidance Software ran a computer forensics training course at its Slough offices in the UK, with the aim of helping forensic practitioners to understand and use EnCase as part of their investigations. 

Background

The course was developed by Guidance Software with a view to introducing new digital forensics practitioners to the field. The students are usually new IT security professionals, law enforcement agents and forensic investigators, and many have minimal training in computing.  Computer Forensics I is available both in person at one of Guidance Software's training centres, or online via their OnDemand solution, which provides live remote classes for students around the world.

Help for the Help Desk: Announcing EnCase® Remote Recovery + for Fast, Remote File Recovery

When a sales director on another continent needs a contract file un-deleted—stat!—who’s she gonna call? IT help desk. Problem is, that usually means she needs to ship her laptop to headquarters or someone from IT has to get on a plane, train, or automobile. And both of those options require taking her offline when every moment of downtime could lose her a deal.

Enter EnCase® Remote Recovery +.

EnCase and Python – Automating Windows Phone 8 Analysis

James Habben

Roll Call

You may have read my introductory post about using Python scripts with encase. You may have also read my part 2 follow-up, which put a GUI on top of Didier Stevens’ pdf-parser. Did you also read Kevin Breen’s post? He wrote about using EnScript to call out to David Kovar’s analyzemft script using EnScript. Then Chip wrote a post about sending data out to get parsed by parser-usnjrnl.