Exterro improves digital forensic automation and incident response with major updates to FTK® Connect

Advanced FTK Connect adds power and speed to FTK® solutions with new automation, integration and visualization capabilities

Exterro, Inc. – the preferred provider of Legal GRC software specifically designed for the internal legal, privacy and IT teams of the Global 2000 and Am Law 200 organizations – today announced the release of its updated FTK® Connect digital forensics tool that adds powerful new automation, orchestration and integration capabilities to Exterro’s industry-leading platform.

FTK Connect's automation enables companies to streamline incident response or infringement investigations, and enables law enforcement and public sector customers to accelerate the processing and review of forensic evidence in criminal cases. The launch exemplifies Exterro’s continued investment in the FTK® product line as it plans a future IPO and underscores the company’s commitment to the digital forensics and incident response market.

In 2021, businesses experienced 50% more cyber attacks per week than the previous year, and businesses around the world are expecting an increase in hacking attempts. But if their forensic tools aren’t directly integrated with their cyber-intrusion tools, they risk not being able to preserve the evidence needed to remediate the attack. FTK Connect supports incident response requirements by combining new automation capabilities with the power and speed of Exterro’s FTK solutions in performing forensic investigations, incident response workflows, and protecting corporate assets.

Additionally, FTK Connect enables SIEM and SOAR platforms such as Splunk and Palo Alto Networks to be automatically integrated with FTK forensic products to instantly preserve evidence upon detection of an intrusion, without requiring human interaction. It also features a greatly simplified drag and drop user interface (UI), designed specifically to allow non-programmers to easily create automations for any type of case.

Public sector

For public sector agencies, FTK Connect provides a much needed automation solution that overcomes many of the challenges they face today. Some of these challenges include backlog cases that exist due to dwindling technology budgets, a lack of investigator training, and the sheer amount of data that needs to be processed.

In essence, the costs of equipping a forensic lab with state-of-the-art technology and highly skilled examiners are out of reach for most agencies. As a result, forensic evidence exams are delayed after imaging a drive or gathering evidence because they rely on the availability of trained examiners to perform the next steps. Due to these circumstances and budgetary reasons, agencies more frequently use non-technical auditors who have no training in forensics or software forensics, but who need to prepare cases for review by a forensic expert. As a result, investigation closure rates continue to lag significantly.

“Using FTK Connect automation, law enforcement can execute forensic workflows much faster and make better use of their existing hardware and software investments, putting them to use when users are not around,” said Harsh Behl, director of product management at Exterro. “Automation scheduling outside office hours uses the 16 hours of the day from the time an investigator leaves work until the next morning arrives, which had previously been wasted. Law enforcement using FTK® Lab or FTK® Central with FTK Connect will be able to close more cases in less time.”

FTK Connect enhancements are the result of Exterro’s close collaboration with major customers in the US, UK and Europe. The wealth of experience and market insights from these clients has helped Exterro create a tool that creates efficiencies and covers key gaps within other forensic solutions.

New features and functionalities of FTK Connect:

  • Create automations with unprecedented ease
    Built for non-programmers, the intuitive interface allows users to easily create automations for any type of case with a drag and drop interface. Get productive instantly with minimal training.
  • Automated processing and review
    Law enforcement can configure FTK Connect to check directories and automatically process any forensic images placed there, then automatically search the cases for preconfigured search terms, apply labels or bookmarks, and export the resulting files.
  • Combine SIEM & SOAR with forensic investigations
    Orchestrate the forensic collection workflow by integrating the internal tools of the IT infrastructure. Instantly store electronic evidence upon detection of an intrusion. FTK Connect can automate collection from remote endpoints based on triggers from solutions such as Splunk SOAR and Palo Alto SOAR.
  • Custom workflows
    Leverage FTK Connect APIs to create custom workflows or integrations that fit your organization’s exact needs and specifications.
  • ISO accreditation
    FTK Connect automation helps minimize human interaction when handling digital evidence, thereby reducing the possibility of errors and supporting adherence to ISO accreditation standards such as ISO 27037 or ISO 17020 and 17025.
  • Compatibility
    FTK Connect seamlessly integrates with FTK® Lab, FTK® Enterprise and FTK® Central bringing unrivaled speed, power and security to forensic workflows.
