archives

belkasoft evidence center

This tag is associated with 5 posts

How To Use Connection Graphs By Belkasoft For Complex Cases With Multiple Individuals Involved

A proper connection graph is a must if you need to investigate a complex case with numerous individuals using different communication media. In law enforcement, it may be a drug-related case with several dealers and a network of buyers, or a ring of sexual predators. The corporate sector might need graphs to investigate a circle … Continue reading

How To Perform Remote Acquisition Of Digital Devices With Belkasoft Evidence Center

Remote acquisition of digital devices is a useful option for modern-day organizations, both commercial and government. The main reasons for this are as follows:  As entities grow, their IT environments tend to become more complex, distributed, and dispersed.  Cost-efficiency may not allow organizations to hire trained IT security employees for all the locations.  Ongoing business … Continue reading

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer.  Historically, digital forensic timeline analysis has been broken down into two parts:  ‘Timeline’ to describe changes associated with temporal file metadata in a file system. In … Continue reading

How To Use Cross-Case Search With Belkasoft Evidence Center

by Yuri Gubanov Diving deeper may be the key to the eventual success of a digital forensic investigation. This is true not only when it comes to a single given case, but also when it comes to intersections between different cases.  Sometimes, a person being investigated may have associates who are problematic, or who have … Continue reading

Walkthrough: Carving With Belkasoft Evidence Center

by Yuri Gubanov, Danil Nikolaev & Igor Mikhailov © Belkasoft Research Carving is an irreplaceable technique widely used in data recovery and digital forensics. By using carving, we essentially perform a low-level scan of media for various artifacts, looking for signatures—specific sequences of bytes, characteristic of different types of data. This also means that carving … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,271 other followers