What’s new in OpenText EnCase Endpoint Investigator

August 2022: What’s new in EnCase Endpoint Investigator CE 22.3? As enterprises continue to face the challenges associated with cybersecurity threats that come from internal…

OpenText Security Cloud Team profile picture
OpenText Security Cloud Team

August 8, 20223 minute read

August 2022: What’s new in EnCase Endpoint Investigator CE 22.3?

As enterprises continue to face the challenges associated with cybersecurity threats that come from internal threats and bad actors, the ability to investigate those threats quickly and reliably has never been more important. With the release of OpenText™ EnCase™ Endpoint Investigator 22.3, digital forensic investigators can now take advantage of AFF4 functionality. AFF4, or the advanced forensics file format, is an open-source format used for the storage of digital evidence and data. EnCase Endpoint Investigator now supports both physical and logical reading of images, meaning an investigator can copy an entire image or only select portions of an image from another investigative tool into the EnCase format for fast, deep-drive investigations to ensure they have the information advantage needed to get to the truth faster and make the world a more secure place.

November 2021: What’s new in EnCase Endpoint Investigator CE 21.4  

Update 1:  Performance you can count on   

As corporate investigators pursue investigations without disrupting employee productivity, the ability to collect and process evidence from endpoints quickly, efficiently and reliably is paramount in their investigations.  With the release of OpenText™ EnCase™ Endpoint Investigator 21.4, corporate investigators benefit from the following features: 

  • enhanced connections and configuration between EnCase and the endpoints 
  • enhanced stability for NTFS 
  • the ability to login to the EnCase management portal with their windows credentials and a browser 
  • support for IBMZ and Linus ARM64 operating systems 
  • right-click processing, allowing investigators to quickly begin an evidence processing job on specific pieces of evidence in a case versus the entire evidence file. 

Update 2:  Finding evidence no matter where it hides   

While evidence can hide in a number of places, one of the most common areas in which offenders leave a digital footprint is in social media and cloud-based applications.  EnCase Endpoint Investigator 21.4 is focused on finding evidence no matter where it hides by enhancing the collection of cloud-based artifacts from Twitter, Facebook, Instagram and Microsoft Azure Blobs. 

Update 3:  Optimize deployment within the cloud  

Enabling investigations to utilize the speed, cost, collaboration and ease of use advantages associated with cloud computing, EnCase Endpoint Investigator 21.4 improves Microsoft Azure implementation by providing an ARM template to help create the infrastructure needed to deploy EnCase within Azure.  Additionally, EnCase Forensic v21.4 enables the activation of an electronic license on an Azure virtual machine, the ability to decommission that machine and then rehydrate that image on new hardware without interfering with the EnCase Forensic license.

For more information, visit security.opentext.com.

Author: Peri Storey, Senior Product Marketing Manager

Share this post

Share this post to x. Share to linkedin. Mail to
OpenText Security Cloud Team avatar image

OpenText Security Cloud Team

See all posts

More from the author

Dissecting IcedID behavior on an infected endpoint

Dissecting IcedID behavior on an infected endpoint

IcedID, also known as BokDot, is a banking trojan that was first discovered in 2017. It targets a victim’s financial information and it is also…

4 minute read

Technology meets tenacity

Technology meets tenacity

Technology alone won’t defeat cybercriminals. Effective cybersecurity isn’t something you buy off the shelf, set, and forget. To secure your data, you must be proactive,…

4 minute read

OpenText MxDR platform: a team player

OpenText MxDR platform: a team player

There’s a truism in the cybersecurity sector that says enterprise technology stacks are so large because the market demanded big-stack solutions. Convenience, fiscal constraints, and…

3 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.