Home | Log In

Home :: Tips :: Field Triage :: Importance of Volatile Data

Importance of Volatile Data

larger image

Importance of Volatile Data

Capturing information about the current state of a suspect computer before powering it down is important to a forensic investigation. There is a wealth of volatile data that can be lost once the suspect's computer is powered down. This information may help direct an investigation in the early stages and can be beneficial during other stages of the investigation. First responder triage tools can capture this important data which can play a critical roll in every investigation.

Important information that may be lost when the computer is powered down may include:

Clipboard contents
Attached device listings
Open network ports
Current running applications and processes
Temporary cache files
Active memory contents
Connected network drives
Active peer-to-peer connections
And more...

Product 25/46

Previous

Return to the Product List

Next

Search

Categories

Software (6)
Hardware (2)
Upgrades (2)

Documents

Dealers (10)
Consultants
Manuals-> (28)
Tips-> (103)
  |_ MacForensicsLab (19)
  |_ MacLockPick (4)
  |_ General (34)
  |_ Field Triage (46)
Press (23)
Resources-> (105)
White Papers (5)

Sponsors

Newark, Calif. April 15th 2010 - MacForensicsLab Inc. announces the immediate availability of the latest version of their powerful computer forensic suite, MacForensicLab 3.0. The new version brings many new features along with rock solid stability and big speed improvements.

The latest version of MacForensicsLab features redesigned core functions making it faster to zero in on suspect evidence with an easier and more intuitive interface. The industry standard in Macintosh-based forensics just got better. With over twenty new features, such as hashing and data carving throughout the application along with improved stability and speed, MacForensicsLab 3.0 is the must have tool for Mac forensics.

"MacForensicsLab 3.0 brings many new features to the software suite while building on many of the things it already does best." said Marko Kostyrko, CEO of MacForensicsLab Inc. "We're very happy with the evolution of this product and excited for where it's headed in the future."

Speed improvements make all tasks faster than ever. Some operations were benchmarked to run up to 12 times faster then the previous version. New 64-bit operation helps to maximize speed and take full advantage of newer Mac's Intel processor. MacForensicsLab has redesigned memory allocation algorithms to prevent system freezes due to memory leaks or inefficient memory distribution by the operating system. This ensures that MacForensicsLab is always running at its best.

Evaluation copies of MacForensicsLab 3.0 are available to licensed investigators and media. Please contact Sales@MacForensicsLab.com to obtain an evaluation agreement.

Information

Notifications

Notify me of updates to Importance of Volatile Data

New Products [more]

08: Search Functions

08: Search Functions

Have you seen ...

The MacForensicsLab ‘Preferences’ window allows the investigator to setup and maintain both individual cases and examiners within MacForensicsLab, as well as to specify the desired database destination case data storage purposes..

| Home |

Copyright © 2006 - 2010 MacForensicsLab Inc.
Phone +1 (510) 870-7883 - Fax +1 (510) 868 3407
M ac and the Mac logo are trademarks of Apple Computer, Inc., registered in the U.S. and other countries.

Forensics Technologies - designed to perform investigations, for law enforcement and eDiscovery professionals.

MacForensicsLab - The only effective cross-platform weapon in the war on Cyber Crime and Digital Terrorism,
with unique tools designed to combat identity theft and child pornography.