Interview with Robert Bond, Product Marketing Manager, Guidance Software

Robert, please tell us a little about yourself and your role at Guidance Software

I’m the new Product Marketing Manager of Forensic Solutions which includes EnCase Forensic, Encase Portable and Tableau products.

I have been in marketing for over 15 years with technology brands like Hewlett Packard, Kodak, and most recently in e-Discovery with Ricoh Legal.

Version 7 of EnCase introduced significant changes, the reaction to some of which was mixed within the forensic community. What kind of feedback did you receive from users?

For our customers who have been using EnCase, the new look of Version 7 was a bit of a transition and took some adjustment. For new users however, the interface is similar to the look and feel of other popular programs so we’ve seen the learning curve for users new to the software become shorter.

From a customer experience perspective, Guidance marketing and technical support has provided webinars and other tools to assist users in making a smooth transition. We believe their investment in getting comfortable with the new interface will increase their efficiency.

Further, as we have upgraded the software culminating with Version 7.05; we are learning that the increased speed of processing data and several of the new features including prioritized processing are dramatically helping our customers increase their productivity...

Read more

Internet Evidence Finder (IEF) review

Reviewed by BitHead (discussion thread here).

When this review started at the beginning of August 2012, Internet Evidence Finder (IEF) was a project of Jad Saliba of JADSoftware. At that time the version was 5.41.

The interface was simple, and IEF was an easy to use tool that found a lot of artifacts and displayed them in an easy to follow report.

In the middle of August I was contacted by Adam Belsher of JADSoftware and told there was going to be a few major changes coming to JADSoftware. A week later Saliba announced “JADsoftware has a new identity, including a new company name – Magnet Forensics.”

In his first blog post on the Magnet Forensics site, Saliba wrote, “A lot has changed since I launched JADsoftware and first developed Internet Evidence Finder (or IEF) while working as a police officer and forensic examiner. After a couple of years juggling both jobs, I realized IEF had enormous potential to help you perform better investigations, so I decided to dedicate myself to developing the software full-time. The growth the company has experienced since then has exceeded my highest expectations.”

And there were a lot more changes than just the name...

Read more

Interview with Eddie Sheehy, CEO, Nuix

Eddie, can you tell us something about your background and your current role as CEO of Nuix?

I joined Nuix as CEO in 2006 after working for quite a few high-growth finance and technology businesses. What I loved about Nuix was the precise detail the software could expose about the information it indexed. Having that degree of detail at scale could make a huge difference to the way an investigation played out.

After about a year with Nuix, it became clear to me we couldn’t take on Access Data and Guidance directly –they owned the forensic investigation market. So we expanded into eDiscovery, and later information governance, as a way of growing the business. In 2011, having reached a more tenable scale, we decided to go back into investigations. That has been one of the most satisfying aspects of my time at Nuix.

What products and solutions does Nuix offer?

Nuix offers products and solutions for forensic investigation, eDiscovery and information governance. There’s a fair amount of overlap between those categories, for instance our Enterprise Collection Center technology for gathering evidence in the field is used by investigators and for eDiscovery and our processing engine underpins all three verticals.

Indeed, at the heart of these products is our patent pending unstructured data indexing engine. The Nuix engine has unique load balancing, fault tolerance and intelligent processing technologies that enable it to process huge volumes of unstructured data at high speed and with forensic certainty...

Read more

Interview with Jonathan Krause, Managing Director, First Response

Jonathan, we last interviewed you back in 2008, what have you been doing since then?

In early 2008 I started Forensic Control after four years as a computer forensic employee. It began as a vehicle for my contract work but soon developed into a business in its own right, becoming relatively well known – albeit within the fairly small world of computer forensics! I moved further and further away from my roots in public sector work, and found myself really enjoying the faster pace and challenges in the corporate world; there was no going back for me. During this time I was fortunate enough to work on some very interesting cases including the Deepwater Horizon oil spill and the estate of Elvis Presley.

You recently became the Managing Director of First Response. Tell us more about the company and your involvement.

First Response was set up in January 2012, and at present is being run alongside Forensic Control. There are three joint owners of the company; myself, John Douglas and Bill Lindley. John (the Operations Director), Bill (the Chairman) and I bring together over 30 years’ experience of working in the industry. We decided to bring the forensic operations of our separate companies under one roof which was a natural progression for each of our companies. We think we complement each other very well! There’s some more background on First Response in the recent Forensic Focus news item.

I’ve known Bill and John professionally and socially for years; as well as offering what we believe is a first-class service, we enjoy our work and enjoy working with each other – for me, this is of fundamental importance.

In terms of my involvement, I’m a typical managing director/CEO though with a very much hands-on role. You’re as likely to find me imaging an unusual server configuration, analysing the content and reporting back to the client as much as dealing with the behind scenes management.

Can you give us some recent examples of cases First Response has worked on?

Sure. I think First Response’s main strength is in having both a great technical depth and an ability to communicate complex matters in a way that an average lawyer or director can easily understand and then act on. This helps our clients tremendously as it did in the two examples of cases I'll outline...

Read more

Webinar (online now): Pitfalls of Interpreting Forensic Artifacts in the Windows Registry

The webinar "Pitfalls of Interpreting Forensic Artifacts in the Windows Registry" is now online here.

If you encounter any difficulties viewing the above page, the webinar is also available on YouTube here.

In this webinar, Jacky Fox, student at UCD School of Computer Science and Informatics, presents the results of her dissertation on Windows Registry reporting. Jacky will be available in this forum thread for about an hour to answer any questions.

Guidance Software Releases EnCase® Forensic v7.05

Guidance Software Inc. has announced the release of EnCase® Forensic version 7.05. This latest version of the industry-standard forensics software features key enhancements that enable investigators to work with data sets earlier and faster in order to both begin and close cases faster than ever before. Speed enhancements in the EnCase Forensic v7.05 evidence processor have reduced significantly the processing time for both small and large data sets. Digital investigators can now rapidly process evidence files of virtually unlimited size, dramatically reducing case backlogs. With EnCase Forensic v7.05, investigators can uncover evidence up to nine times faster than previous versions using the greatly enhanced evidence processor...

EnCase Forensic v7.05 also improves investigative efficiency by automating common investigation tasks and significantly reducing manual efforts. Prioritized processing lets users process an early subset of evidence and make it available more quickly for analysis by investigators. They can also choose to continue or to stop processing remaining evidence. Enhancements to the analytic capabilities of the product’s built-in Case Analyzer offer forensic examiners deeper insight into computer systems through higher-level reports on metadata and the ability to compare potentially related artifacts side-by-side. Examiners can establish hyperlinks to original documents and images within reports. In addition, the results of a keyword search can be viewed and analyzed while that search is ongoing...

Read more