When Apple introduced the T2 Security Chip in 2018, it set the computer forensics community back for years. Since then, Mac investigations have lagged behind, requiring physical possession of the device and even custom implementations of the OS itself, all at the cost of time, agency resources and, worse still, volatile forensic data.
OpenText™ EnCase™ technology was the first to bring Mac investigations over the network; the first to decrypt FileVault 2 on a PC; the first to preview and decrypt APFS over the network; and now the first to support Apple T2 security over the network.
You don’t need physical possession of the machine. You don’t need a separate partition. And you don’t need credentials if the user is logged in.
The EnCase Agent captures key information and submits it to the T2 Chip, which decrypts the APFS container for access, and you see something like this:
Once you mount the disk in EnCase, we do all the hard work so that you don’t have to. We’ve also improved network preview times so that you can get to the data faster.
What about Apple Time Machine snapshot data? We’ve got that, too.
Take a look at what OpenText™ EnCase™ Forensic and OpenText™ EnCase™ Endpoint Investigator Cloud Edition (CE) 20.2 offers, including:
- 80% speed increase when parsing APFS volumes
- Updated Chrome browser support (Windows and macOS)
- McAfee Drive Encryption support
- WinMagic SecureDoc support
- Cloud Connectors to collect from:
- SharePoint 2013 or later
- SharePoint Office 365 OneDrive
- Dropbox
- Google Drive
And so much more!
Learn more
Make decisions confidently and defensibly with OpenText™ EnCase™ Forensic and OpenText™ EnCase™ Endpoint Investigator, an SC Award winner for Best Computer Forensic Solution for 10 straight years! Learn more about OpenText Security Cloud Edition (CE) 20.2 by visiting our website.
Accelerate your upgrade and reduce risk by working with OpenText Professional Services. Let our experts work with you to assess the current environment and prepare recommendations for a successful upgrade, whether on-premises, in the OpenText™ Cloud, in other company’s clouds or in a hybrid environment. Customers who have Professional Services-led upgrades report up to 75% fewer queries to Customer Support.
Watch the launch event
Learn how OpenText delivers a modernized information infrastructure that is more agile and integrated so organizations can respond to change faster and easier than ever before.
