AccessData AD Enterprise 7.4.2: Remote data collection for endpoints outside of the network

By | 6:13 PM Leave a Comment

AccessData Group announced the release of AD Enterprise 7.4.2, a new version of its software for managing internal forensic investigations and post-breach analysis that introduces remote data collection for endpoints outside of the corporate network, as well as the ability to collect data from sources in the cloud.

COVID-19 has presented new challenges globally, but companies still need to be able to respond to a data breach or perform an internal data collection, even from employees who are now working from home.

With AD Enterprise 7.4.2, users can collect and analyze data from remote Windows endpoints that are outside the corporate network with no VPN connectivity by using Site Server Integration.

“We want organizations to stay in control of their data whether their employees are working from home or at the office,” said Harsh Behl, director of product management at AccessData.

“AD Enterprise not only allows for data collection from off-network endpoints, but it also provides industry-leading technology to collect the data faster, helping organizations to maintain business continuity and perform investigations no matter where their employees are.”

As employees continue to work remotely, organizations are also quickly adopting and relying on cloud tools like Google Drive and Microsoft Teams to stay collaborative, yet they must also be able to collect from these cloud data sources.

AD Enterprise is the first forensic collection tool in the industry to offer a suite of data connectors, including from network shares, Microsoft Exchange, Gmail, OneDrive, Google Drive, SharePoint, and Microsoft Teams.

Furthermore, as Mac adoption continues to rise across the globe, the new version of AD Enterprise also expands remote data collection capabilities to Mac devices that run on the macOS Big Sur operating system, in addition to macOS Catalina and macOS Mojave.

“And we are proud to announce that AD Enterprise can now perform a live preview and remote collection from M1 chip Mac endpoints,” said Behl.

“With AD Enterprise 7.4.2, we offer the most types of data source connectors than any other forensic company. AD Enterprise is now the first forensic solution to offer in-network collection, superior Mac collection, off-network collection and cloud data source collection—all in one product. This offers our users a single solution for all their collection needs, allowing them to conduct faster and more comprehensive digital forensics investigations,” said Behl.

In addition, AccessData has also launched enhanced versions of its FTK and AD Lab products for digital forensics professionals. The release delivers parsing support for Windows OS data and presents it in an easy-to-read, reportable format in the new Enhanced Windows System Information Tab.

Users can easily examine data from AmCache registry files, SRUM artifacts, and Windows timeline events to develop a clear picture of an endpoint user’s actions and geolocations, helping to speed investigative work by eliminating the manual translation of Windows OS registry files. FTK and AD Lab 7.4.2 also feature parsing support for Microsoft Edge browser data.

This release comes on the heels of Exterro announcing their acquisition of AccessData, which furthers Exterro’s vision of empowering customers to proactively and defensibly manage their legal governance, risk and compliance (GRC) obligations while maintaining and ensuring the highest levels of data integrity.

By combining forces with AccessData, Exterro can now provide companies, government agencies, law enforcement, law firms and legal service providers with the only solution available to address all Legal GRC and digital investigation needs in one integrated platform.


from Help Net Security https://ift.tt/3iYDky4

0 comments:

Post a Comment