1. By: Tom Maloney

2. Overview What is ProDiscover What it can be used for A few quick tools A real example ProDiscover vs. ENCASE ProDiscover IR Applications Conclusion

3. What is ProDiscover A program, released in 2002, used to read the contents of a disk Uses a GUI interface and combines older methods used through DOS to easily access and read disk drives Reads and makes a copy of the disk’s contents without altering any data

4. What ProDiscover is used for Computer Forensics View Deleted files Search for contents of a disk Retrieve a file that was accidentally deleted

5. Tools Copy image Report Search Content Internet Events Cluster

6. ProDiscover Basic vs. ENCASE Enterprise Cost Encase-Approx $3,000 Pro Discover- Free Can accomplish the same things however each has a few different tools ENCASE Enterprise can actually read information over a network using P2P Pro Discover needs to have a disk present to view

7. ProDiscover IR Able to read over a network Cost- Approx- $2200 Able to read files with MAC OS

8. How can we use it Police work Accepted in court cases Recover data

9. Conclusion What ProDiscover Is What it can be used for Tools An example of operation ProDiscover vs. Encase ProDiscover IR How we can use it

10. Citations Torres, Erik. "ProDiscover6_Brief_Tutorial." YouTube. YouTube, 11 Nov. 2011. Web. 06 Oct. 2013. "ProDiscover® Forensics - Disk Forensics Tool." ProDiscover® Forensics - Disk Forensics Tool. N.p., n.d. Web. 06 Oct. 2013. "Computer Forensic Software - Encase Forensic." Computer Forensic Software - Encase Forensic. N.p., n.d. Web. 06 Oct. 2013.