Cyber attackers, insiders seeking to use confidential and sensitive information to their advantage, and criminals lurk everywhere – on endpoints, both on and off network, critical infrastructure, mobile devices, the cloud, social media, chat and other data sources.
OpenTextTM Cloud Edition (CE) 22.4 introduces enhancements across EnCaseTM Forensic, EnCaseTM Endpoint Security, EnCaseTM Endpoint Investigator and OpenTextTM Network Detection and Response (formerly Bricata NDR).
EnCase Forensic introduces expanded collection capabilities to help investigators build more comprehensive evidence files
Digital crimes are proliferating, and bad actors have become digital-savvy. In many investigations, signs of criminal activity now lurk in social media, chat applications and the web—and in all instances, time is of the essence to find the facts. In CE 22.4, EnCase Forensic introduces the ability for law enforcement professionals and digital investigators to collect data from Facebook Messenger, Slack and Safari browser (an enhancement also now available in EnCase Endpoint Investigator). Further, new pathway capabilities help investigators create step-by-step investigation paths and share common workflows for better collaboration and efficiency in collecting potentially relevant data and unearthing the facts.
EnCase Endpoint Investigator introduces off-network collection support for Mac computers and devices
In today’s hybrid and remote workforce, it can be easy to inadvertently overlook potential sources of evidence. In addition to being able to collect data from Facebook Messenger, Slack and Safari browser, digital investigators can now collect seamlessly from off-network devices using a single tool – now adding Mac computers, laptops and devices to off-network Windows collection capabilities.
Digital investigations involve ever-mounting volumes of data, making identifying the subset of potentially relevant information to collect and review more time-consuming than ever. Endpoint Investigator adds rapid preview capabilities so digital investigators can quickly identify and collect only the relevant information for the case. With this enhancement, digital investigators can review the data in a structured format with files and folders to quickly see what is relevant.
EnCase Endpoint Security introduces faster detection and reduced turnaround time
In CE 22.4, EnCase Endpoint Security introduces faster detection and turnaround time to report anomalies for off-network endpoints. This feature allows immediate reporting of anomalies detected from endpoints even when they are off-network—with comprehensive telemetry data collected for off-VPN endpoints. New devices can be added easily with multiple endpoint listener install capability for enhanced scalability.
EnCase Endpoint Security also introduces enhanced orchestration with the ability to create and define custom actions and automated response for event post-processing. Users can create on-demand actions for an event and define execution sequences for desired outcomes.
OpenText Network Detection and Response (NDR) improves user experience and collaboration
CE 22.4 also expands OpenText Network Detection and Response (formerly Bricata NDR) support to rapidly collect and analyze external PCAP (Packet Capture) samples, originating from any PCAP provider, with enhanced job processing and configuration for improved network visibility and actionable insights.
Explore OpenText Security Solutions to learn more about building a cyber resilient organization.
