Large-scale cyberattacks have recorded a 5-fold increase during the pandemic. The recent SolarWinds breach, potentially the first of many such attacks, is also among the largest and could have infected information systems across as many as 18,000 businesses and organizations.
Faced with these challenges, a trusted endpoint detection and response solution, rooted in forensic principles, is a must-have for businesses and organizations wanting to be cyber-resilient.
OpenText™ EnCase ™, the gold standard in Digital Forensics, and OpenText™ Tableau, the leader in forensic imagers, continue to deliver new capabilities in OpenText™ Cloud Edition (CE) 21.1 to customers globally.
OpenText™ EnCase™ Endpoint Security CE 21.1 now delivers additional out-of-the-box detection rules aligned to the latest MITRE ATT&CK framework, to help customers detect anomalies – including those that have emerged as a result of the SolarWinds mega breach. OpenText Security advises all customers to be on its latest versions of EnCase to ensure optimal protection. We also advise customers to employ continuous threat hunting strategies as a proactive measure to keep bad actors at bay.
A significant innovation for EnCase Endpoint Security is its availability on Microsoft’s Azure Marketplace. OpenText™ EnCase Endpoint Security CE 21.1 provides security teams with 360-degree visibility to validate, analyze, scope and respond to incidents quickly and completely that originate or involve endpoints in Microsoft Azure.
The EnCase Agent can now investigate and collect from endpoint computers running Apple macOS 11 Big Sur. In addition, the EnCase Endpoint Security Agent also detects, responds to, and investigates threats to Apple computers with APFS filesystems and T2 Security chip.
OpenText™ EnCase™ Forensic CE 21.1 expands its language support to 14 additional languages, enabling law enforcement and government agencies to use the leading digital forensic application in their native languages. Languages covered include Arabic, Chinese (Simplified), Chinese (Traditional), Dutch, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, and Spanish.
EnCase Forensic CE 21.1 also delivers improved electronic license management. EnCase Forensic saves investigators time, managing license from a single application using CodeMeter License Server.
OpenText™ EnCase™ Endpoint Investigator CE 21.1 allows law enforcement, government agencies and corporate enterprises to dig even deeper for the truth, thanks to the availability of UNC (universal naming convention) path collection. By implementing UNC path collection, access to shared folders on a network is enabled, simplifying the user workflow and providing faster access to evidence.
EnCase Endpoint Investigator also delivers live directory preview which allows users to quickly get a preview of a target device’s file directory. Because native operating system APIs are used to call the suspect hard drive, the speed of the investigation process is accelerated and the complexity of endpoint investigations is reduced, all while delivering forensically sound access to data on a suspect hard drive.
Like EnCase Forensic, EnCase Endpoint Investigator also delivers improved electronic license management for the convenience of OpenText enterprise customers, saving corporate investigators time during the licensing process.
Tableau TX1 Forensic Imagers are installed in nearly every federal agency across the US and OpenText is pleased to now support the NIST wiping standard. Meeting the US Federal wiping standard, this feature allows customers to reuse destination media without the risk of cross-contamination, improving the security and integrity of data that may reside on that media. This feature provides customers with a digital forensics best practice and allows Federal agencies who must comply with the NIST standard to use Tableau in their investigations.
In addition to NIST wiping, the Tableau TX1 21.1 supports custom wiping, providing an additional level of confidence that the destination media has been wiped by their organization and is suitable for secure reuse.
OpenText™ EnCase™ Information Assurance CE 21.1 is the new name of what was formerly called EnCase eDiscovery. This application is a data risk management solution designed for corporations and government agencies to locate sensitive or regulated information quickly and comprehensively across the entire IT infrastructure.
This name change is driven by two factors. The first is an acknowledgement of today’s use of the product to facilitate use cases beyond electronic discovery, such as records retention policy audits and responding to regulatory requests. The second is an increase of customer demands, globally, for expanded data risk management capabilities within the product. The rebranding does not change the application’s existing features and functions, nor licensing terms. These capabilities go through consistent development, innovation and are released quarterly to our markets.
EnCase Information Assurance CE 21.1 now also supports collection of ephemeral data from Slack – comprehensively, efficiently, and defensibly.
Visit our website to learn more about the latest innovations in OpenText Security & Protection Cloud CE 21.1
Accelerate your upgrade and reduce risk by working with OpenText Professional Services. Let our experts work with you to assess the current environment and prepare recommendations for a successful upgrade, whether on-premises, in the OpenText Cloud, in other company’s clouds or in a hybrid environment.