Difference between revisions of "BitFlare"

From Forensics Wiki
Jump to: navigation, search
m (moved Bitflare to BitFlare: wrong capitalization!!)
Line 1: Line 1:
'''BitFlare''' is a Software-as-a-Service offering from SunBlock Systems that allows non-experts to perform computer forensics, electronic evidence discovery, and data preservation.  The software loads its own operating system on to a suspect computer, essentially utilizing the suspect machine itself a forensic platform.
+
'''BitFlare''' is a Software-as-a-Service offering from [[SunBlock Systems]] that allows non-experts to perform computer forensics, electronic evidence discovery, and data preservation.  The software loads its own operating system on to a suspect computer, essentially utilizing the suspect machine itself a forensic platform.
 +
 
 +
== Capabilities ==
 +
 
 +
BitFlare allows users to view and filter visible and deleted file entries of various common metadata such as timestamps, file names, file paths, and file sizes.  In addition, a user can filter files by supersets of broad file categories such as Microsoft Office, MRU file links, and Image and Video files.
 +
 
 +
Keyword searches can be run across visible and deleted files as well as across slack, unallocated, and unpartitioned space across the hard drive.  Keyword searching supports full PCRE regular expressions and case sensitivity.
 +
 
 +
Relevant files and keyword fragment extraction is facilitated through Evidence Discovery Packs.  Files are saved in their native format.
 +
 
 +
BitFlare supports hard drive preservation.  Users can save encrypted forensic copies of the hard drive to externally connected devices.  Encrypted images can be sent to SunBlock Systems for decryption, third party validation, and analysis.
 +
 
  
  

Revision as of 11:59, 29 January 2010

BitFlare is a Software-as-a-Service offering from SunBlock Systems that allows non-experts to perform computer forensics, electronic evidence discovery, and data preservation. The software loads its own operating system on to a suspect computer, essentially utilizing the suspect machine itself a forensic platform.

Capabilities

BitFlare allows users to view and filter visible and deleted file entries of various common metadata such as timestamps, file names, file paths, and file sizes. In addition, a user can filter files by supersets of broad file categories such as Microsoft Office, MRU file links, and Image and Video files.

Keyword searches can be run across visible and deleted files as well as across slack, unallocated, and unpartitioned space across the hard drive. Keyword searching supports full PCRE regular expressions and case sensitivity.

Relevant files and keyword fragment extraction is facilitated through Evidence Discovery Packs. Files are saved in their native format.

BitFlare supports hard drive preservation. Users can save encrypted forensic copies of the hard drive to externally connected devices. Encrypted images can be sent to SunBlock Systems for decryption, third party validation, and analysis.


External Links