OpenText™ EnCase™ Forensic and OpenText™ EnCase™ Endpoint Investigator 20.3 includes enhanced forensic capabilities and user-first workflow improvements that increase the efficiency of investigations. This release also takes a first-step approach to enterprise-wide agent management, starting with the ability to record, search, and sort agent activity as brokered by your SAFE. What this means is that investigative teams won’t be left wondering if an endpoint is online, unreachable, or compromised. The latest release also sets the groundwork for advanced features that will debut in future versions of EnCase, including job queuing and off-VPN collections for remote and dispersed endpoints. Endpoint information is populated any time an agent connects to the SAFE – either through a collection, preview, sweep, or check in.
Building a platform for agent management isn’t the only notable feature included in this release. Investigators can now dynamically add (or remove) file attributes to the entries view. The image below shows a JPEG that was processed using the new Exif parser, and any one of those attributes can become an entries column for all collected evidence – at the click of a button.
We’ve yet to optimize sorting performance and to implement this for other fields, but even with those enhancements to come, we believe that your click miles will have been reduced.
Other features in EnCase Forensic and Endpoint Investigator 20.3 for the forensic toolkit include:
- Up to 60% more efficient RAM usage when parsing OSTs
- Improved performance and accuracy when parsing EDBs
- Updated Safari browser support
- Instant Gallery View
- RAR 5.0 support
- Full Google G Suite support
- Support for the latest Windows 10, Server 2004, and ARM
And so much more…
Despite its decade-long winning streak, OpenText isn’t resting on its laurels.
-SC Magazine, 2020 SC Awards
Visit our website to learn more about OpenText Security 20.3.
