What’s new in OpenText EnCase Forensic and Endpoint Investigator Cloud Edition (CE) 20.2

Collect from Macs enabled with Apple T2 Security Chip

When Apple introduced the T2 Security Chip in 2018, it set the computer forensics community back for years. Since then, Mac investigations have lagged behind, requiring physical possession of the device and even custom implementations of the OS itself, all at the cost of time, agency resources and, worse still, volatile forensic data.

OpenText™ EnCase™ technology was the first to bring Mac investigations over the network; the first to decrypt FileVault 2 on a PC; the first to preview and decrypt APFS over the network; and now the first to support Apple T2 security over the network.

You don’t need physical possession of the machine. You don’t need a separate partition. And you don’t need credentials if the user is logged in.

The EnCase Agent captures key information and submits it to the T2 Chip, which decrypts the APFS container for access, and you see something like this:

Once you mount the disk in EnCase, we do all the hard work so that you don’t have to. We’ve also improved network preview times so that you can get to the data faster.

What about Apple Time Machine snapshot data? We’ve got that, too.

Take a look at what OpenText™ EnCase™ Forensic and OpenText™ EnCase™ Endpoint Investigator Cloud Edition (CE) 20.2 offers, including:

  • 80% speed increase when parsing APFS volumes
  • Updated Chrome browser support (Windows and macOS)
  • McAfee Drive Encryption support
  • WinMagic SecureDoc support
  • Cloud Connectors to collect from:
    • SharePoint 2013 or later
    • SharePoint Office 365 OneDrive
    • Dropbox
    • Google Drive

And so much more!

Learn more

Make decisions confidently and defensibly with OpenText™ EnCase™ Forensic and OpenText™ EnCase™ Endpoint Investigator, an SC Award winner for Best Computer Forensic Solution for 10 straight years! Learn more about OpenText Security Cloud Edition (CE) 20.2 by visiting our website.

Accelerate your upgrade and reduce risk by working with OpenText Professional Services. Let our experts work with you to assess the current environment and prepare recommendations for a successful upgrade, whether on-premises, in the OpenText™ Cloud, in other company’s clouds or in a hybrid environment. Customers who have Professional Services-led upgrades report up to 75% fewer queries to Customer Support.

Watch the launch event

Learn how OpenText delivers a modernized information infrastructure that is more agile and integrated so organizations can respond to change faster and easier than ever before.

Show More

Hope Swancy-Haslam

Hope Swancy-Haslam, CSPO, CEDS is the senior director of product marketing for OpenText’s Security & Forensics business unit and is responsible for the oversight/management of product marketing for the OT EnCase and Tableau product lines. Prior to joining OpenText, Hope was Vice-President at Stroz Friedberg and supervised the eDiscovery service line’s product management efforts. Throughout her career, Ms. Swancy-Haslam has enjoyed staying on top of technology trends for the legal, IT and governance communities and particularly the products and services in the eDiscovery, analytics, and security/forensics realms. She has created many advisory pieces, panels, and presentations on best-practices and enjoys staying sharp on these topics through her work with these professional communities. Ms. Swancy-Haslam received her B.A. from Baylor University and her law degree from Mississippi College. She is a member of the Sedona Conference, Working Groups 1 & 6, Duke’s TAR and EDRM Groups, and has been a General Advocate of The Texas General Counsel Forum, since 2000.

Related Posts

Back to top button