Presentation is loading. Please wait.

Presentation is loading. Please wait.

Meet Belkasoft Evidence Center 3.0! Yuri Gubanov CEO, Belkasoft What's new in the recent Belkasoft release?

Published byAugusta Silvia Matthews Modified over 9 years ago

Similar presentations

Presentation on theme: "Meet Belkasoft Evidence Center 3.0! Yuri Gubanov CEO, Belkasoft What's new in the recent Belkasoft release?"— Presentation transcript:

1 Meet Belkasoft Evidence Center 3.0! Yuri Gubanov CEO, Belkasoft http://belkasoft.com What's new in the recent Belkasoft release?

2 Previous forensic software  Belkasoft Evidence Center 1.0, 1.1 and 2.0.  Evidence Center is successor for Belkasoft Forensic Studio  3 separate products in 1: chats, browsers, emails Belkasoft Forensic IM Analyzer  Chats Belkasoft Forensic Carver  Chats, Browsers New Belkasoft release: Belkasoft Evidence Center 3.0

3 Major Evidence Center features  Search and extraction for chats, browser history and emails  Carving, Live RAM and Network traffic analysis  Mounting drive and Live RAM images  Case and User management  Bookmarking  Reports in text, xml, html, csv, pdf  Hash calculation  No Internet connection required (included in previous v.2.0) New Belkasoft release: Belkasoft Evidence Center 3.0

4 Major improvements to 3.0  Not just Windows anymore MacOS support added  Not just histories anymore Picture and video support added  Not just history extraction anymore Analysis added Also: Option to carve allocated/unallocated Hibernation and page file analysis Thunderbird email client support New Belkasoft release: Belkasoft Evidence Center 3.0

5 MacOS support  Mounting HFS/HFS+ drives and drive images supported Encase, SMART, DD  Carving and regular history extraction, Instant Messengers only  Currently supported:  More history types to come New Belkasoft release: Belkasoft Evidence Center 3.0 Adium AIM Brosix Fire iChat ICQ InstantBird Mail.Ru Agent Mercury Nimbuzz Trillian Yahoo! Messenger

6 Picture support  Search for pictures  Extracting and showing EXIF and other properties  Filtering by various properties  Showing pictures with GPS coordinates on Google Maps and Google Earth New Belkasoft release: Belkasoft Evidence Center 3.0

7 Picture analysis  Pornography detection (beta)  Face detection Both frontal and profile  Text detection English Russian New Belkasoft release: Belkasoft Evidence Center 3.0

8 Video support  Search for video  Extracting key frames Saves time for video analysis: only significantly changed frames need review Less emotional stress for an investigator  Only need to see a set of pictures  The same analysis available for key frames as for pictures New Belkasoft release: Belkasoft Evidence Center 3.0

9 Filters  Powerful filter manager  Allows to create filters on one or more criteria Arithmetic, boolean and string operations AND/OR conjunctions Negating criterion using NOT  Applied to pictures and videos New Belkasoft release: Belkasoft Evidence Center 3.0

10 Carving  Previously: carving all drive/image  Now 3 options: Carve allocated Carve unallocated Carve both  Why carving allocated? E.g. corrupted files (e.g. met with IE dat files) Renamed files  Also: "mounting does not work under some XP machines" problem fixed New Belkasoft release: Belkasoft Evidence Center 3.0

11 Hibernation and page files  Support for carving hibernation and page files hiberfil.sys pagefile.sys  LiveRAM analysis available Instant Messenger artifacts Social network artifacts (Facebook) Browser artifacts (IE, Firefox) Gmail letters and drafts  Regular carving available All supported types New Belkasoft release: Belkasoft Evidence Center 3.0

12 Thunderbird support  Search and extraction of Thunderbird mailboxes msf format SQLite format is on the way  Huge mailboxes supported Tested on 3Gb mailbox: 30 minutes to extract New Belkasoft release: Belkasoft Evidence Center 3.0

13 Smaller enhancements  New Windows messengers: Paltalk (LiveRAM) Gajim emClient Nimbuzz Qutim Gadu-Gadu (old and new versions)  MacOS: see previous slides New Belkasoft release: Belkasoft Evidence Center 3.0

14 Smaller enhancements  Social networks: Facebook IE remnants Live RAM: chats and group chats  Better Gmail support Live RAM: Not only emails, but also drafts extracted  Better Skype group chats extraction  Better ICQ 6 and 7 file transfer extraction  Multiple usability improvements E.g. Reporting now considers From/To dates inclusively  Possibility to tweak report templates E.g. put own logo instead of Belkasoft's one, tweak colors, fonts etc. New Belkasoft release: Belkasoft Evidence Center 3.0

15 Smaller enhancements  The Bat! mailbox analysis no more fails on big mailboxes (previously was failing on 1Gb sized ones)  Outlook mailbox analysis no more fails on 10Gb mailboxes  Sample histories included to setup Before one had to download manually from site  Setup on a machine without Internet connection supported 4 predefined setup packages for various Windows versions: English/German 32/64 bit Other Windows languages are also supported New Belkasoft release: Belkasoft Evidence Center 3.0

16 Price enhancements  More clear price structure Every additional feature cost the same  $250 per feature (floating license)  $200 per feature (fixed license)  More features in the base configuration Browser cache and passwords included  Previously were additional features Basic picture and video support included New Belkasoft release: Belkasoft Evidence Center 3.0

17 Available features 1.Deleted information retrieval (carving) 2.Live RAM dump analysis 3.Mounting images such as Encase evidence files, SMART, DD, mounting MacOS drives 4.Network traffic analysis for chat artifacts 5.Picture analysis 6.Video analysis New Belkasoft release: Belkasoft Evidence Center 3.0

18 More convenient registration process  No more entering licenses and mistakes in this  All feature and license information is included to a single file features.xml Sent to customer right after purchase Just put it in the product folder and product will register automatically  As previously, no Internet required for registration New Belkasoft release: Belkasoft Evidence Center 3.0

19 Less Hardware ID pain  Previously every change in hardware lead to new Hardware ID Even adding virtual device in VMWare!  Now less hardware changes count Customers will ask for new keys less frequently New Belkasoft release: Belkasoft Evidence Center 3.0

20 Comprehensive help  Read online at http://belkasoft.com/bec/en/Evidence _Center_Help_Contents.asp http://belkasoft.com/bec/en/Evidence _Center_Help_Contents.asp  Download PDF from http://belkasoft.com/download/BEC_ 3.0_Help.pdf http://belkasoft.com/download/BEC_ 3.0_Help.pdf New Belkasoft release: Belkasoft Evidence Center 3.0

21 Belkasoft customers  See http://belkasoft.com/home/en/Customers.asp for morehttp://belkasoft.com/home/en/Customers.asp

22 Why Belkasoft Evidence Center?  Reduced cost of investigation  Reduced investigation time  Less specific knowledge required for investigator  Ideal for triage  Simultaneous work of several analysts on the same case New Belkasoft release: Belkasoft Evidence Center 3.0

23 Where to get the product?  Product page: http://belkasoft.com/bec/en/Evidence_Center.asp  Direct download link: http://belkasoft.com/download/bec.zip  Registration page: http://belkasoft.com/bec/en/register.asp http://belkasoft.com/bec/en/register.asp  This presentation: http://belkasoft.com/download/info/bec30.zip http://belkasoft.com/download/info/bec30.zip New Belkasoft release: Belkasoft Evidence Center 3.0

24 About Belkasoft  Belkasoft – computer forensics software vendor  Site – http://belkasoft.comhttp://belkasoft.com  Founded at 2002  Contacts support@belkasoft.com – product support support@belkasoft.com contact@belkasoft.com – all questions contact@belkasoft.com business@belkasoft.com – business-related business@belkasoft.com  DUNS: 683524694  NCAGE: SKF09  CCR: see http://www.bpn.gov/ccrhttp://www.bpn.gov/ccr  We are also in ORCA and WAWF New Belkasoft release: Belkasoft Evidence Center 3.0

25 Customer problems solved New Belkasoft release: Belkasoft Evidence Center 3.0  Computer forensic investigation Is there any evidence on a suspect's computer?  Out-of-the box solution for a number of evidence types How to find such evidence quickly, without too much manual work?  Corporate security Did a fired employee unveil commercial secrets? Are current employees use computer only for business needs?  Intelligence and counterintelligence Are there any suspicious chats made in an internet café?  Parental control Is a child safe during web surfing and chatting?

26 Training  Belkasoft can handle online and onsite trainings if a customer requires this  Online training delivered via GoToMeeting (WebEx analogue)  Onsite training requires travel, accommodation and meal expenses to be covered by a customer  More details: http://belkasoft.com/home/en/Training.asp http://belkasoft.com/home/en/Training.asp New Belkasoft release: Belkasoft Evidence Center 3.0

27 Contact us!  Interested? Drop us an e-mail at business@belkasoft.com right now! business@belkasoft.com  Add Belkasoft CEO in LinkedIn: http://ru.linkedin.com/in/yurigubanov http://ru.linkedin.com/in/yurigubanov New Belkasoft release: Belkasoft Evidence Center 3.0

Download ppt "Meet Belkasoft Evidence Center 3.0! Yuri Gubanov CEO, Belkasoft What's new in the recent Belkasoft release?"

Similar presentations

Managing References : Mendeley

Managing References : Mendeley
Microsoft ® Office OneNote ® 2007 Training Using your Notebook to its fullest potential Kent School District presents:

Microsoft ® Office OneNote ® 2007 Training Using your Notebook to its fullest potential Kent School District presents:
How to Use Stowe School District

How to Use Stowe School District
Services Course Windows Live SkyDrive Participant Guide.

Services Course Windows Live SkyDrive Participant Guide.
Google Chrome & Search C Chapter 18. Objectives 1.Use Google Chrome to navigate the Word Wide Web. 2.Manage bookmarks for web pages. 3.Perform basic keyword.

Google Chrome & Search C Chapter 18. Objectives 1.Use Google Chrome to navigate the Word Wide Web. 2.Manage bookmarks for web pages. 3.Perform basic keyword.
V.2010 | © OverDrive, Inc. 2010 | Page 1 v.11012010 | © OverDrive, Inc. 2010 | Page 1v.06212013 | © OverDrive, Inc. 2013 | Page 1 Learn how to browse,

V.2010 | © OverDrive, Inc | Page 1 v | © OverDrive, Inc | Page 1v | © OverDrive, Inc | Page 1 Learn how to browse,
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Effective Discovery Techniques In Computer Crime Cases.

Effective Discovery Techniques In Computer Crime Cases.
Operating System Customization

Operating System Customization
XP Browser and E-mail Basics1. XP Browser and E-mail Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.

XP Browser and Basics1. XP Browser and Basics2 Learn about Web browser software and Web pages The Web is a collection of files that reside.
Computer & Network Forensics

Computer & Network Forensics
Microsoft Office 2007- Illustrated Using Advanced Features.

Microsoft Office Illustrated Using Advanced Features.
Your online classroom. Powerhouse Campus o Custom Class dashboards o Links with Moodle, Studywiz, Bb, ClickView & all web apps o Links your school library.

Your online classroom. Powerhouse Campus o Custom Class dashboards o Links with Moodle, Studywiz, Bb, ClickView & all web apps o Links your school library.
Secure Private Cloud Storage for Business. The Market Trend File Sharing Any Device Any Where Public clouds are good enough to personal users but security.

Secure Private Cloud Storage for Business. The Market Trend File Sharing Any Device Any Where Public clouds are good enough to personal users but security.
Local Health Department Contact Tracking Database An easy to use, efficient way to track the contacts, inquiries and complaints your local health department.

Local Health Department Contact Tracking Database An easy to use, efficient way to track the contacts, inquiries and complaints your local health department.
1 New : Create your own message starting from scratch 2 New From Template: add professionally designed templates provided exclusively by Gorilla Contact.

1 New : Create your own message starting from scratch 2 New From Template: add professionally designed templates provided exclusively by Gorilla Contact.
Integrate your people maximize your knowledge Tel. 0845 124 9800 . SalesBase Customer.

Integrate your people maximize your knowledge Tel SalesBase Customer.
IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.

IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.
PASSWORD MANAGEMENT MADE EASY A Project Play Date - September 26, 2008 Beth Carpenter, Library Services Manager, Outagamie Waupaca Library System.

PASSWORD MANAGEMENT MADE EASY A Project Play Date - September 26, 2008 Beth Carpenter, Library Services Manager, Outagamie Waupaca Library System.
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Similar presentations

Ads by Google