On December 5 Atola Technology releases Atola Insight Forensic 4.10.
The key feature is the search of artifacts capability while imaging a source evidence media. It allows to search the source drive for credit cards, emails, URLs, IPs, GPS coordinates, phone numbers, keywords etc. in the course of imaging. This feature will help forensic specialists expedite investigation in urgent cases or when dealing with a damaged drive that takes hours to image.
The full list of Atola Insight Forensic 4.10 changes can be found here: Atola Insight Forensic Changelog.
Imaging settings now have a new Artifacts tab where different types of artifacts can be selected and lists of keywords or regular expressions can be uploaded.
Atola Insight Forensic: Artifacts tab
For each of the artifacts, we have not simply applied well-known algorithms (e.g. Luhn formula used to validate credit card numbers). We have developed our own smart filters to eliminate false results (e.g. if there are two slashes near the number that has preliminarily been identified as a credit card number, that will eliminate it from the search results, as it is likely to be a part of a URL).
We have added a new Artifacts tab in the bottom part of Insight’s imaging window: the numbers of the found artifacts and the corresponding diagram change on the go.
Atola Insight Forensic: Imaging data
The list of found artifacts is opened by a click on any of the categories or the diagram itself.
In the table, each artifact’s Value is shown in the context (including 20 bytes before and 20 bytes after the artifact), the LBA and the offset are also displayed in the table to help locate the artifact.
There are many options to help find, sort, filter and view the artifacts: it is possible to view one or a few categories of artifacts in one list, use the search bar to find a specific value, filter results for unique values by clicking the Show only unique artifacts link.
The latter option is quite valuable as it helps identify the values most frequently occurring on the drive. It often accelerates the whole process of specific artifact search.
Atola Insight Forensic: artifact search
For more information about the Artifacts feature please read our next week’s blog post or follow this link to our manual:
http://atola.com/products/insight/manual
Where to buy
If you still do not have an Atola Insight Forensic and would like to place an order, this can be done directly via Atola Technology, or from a distributor near you:
Please contact our Atola Technology sales to receive more specific information:
- Call us: +1 888 540-2010, +1 416 833-3501 10am – 6pm ET
- Or email us: http://atola.com/support/inquiry.html?type=1
P.S. Dear customers, we appreciate your feedback and will take it into account when making changes to the product. Therefore, please feel free to write your thoughts or ideas as comments below.
Yulia believes that with a product that is exceptionally good at solving tasks of forensic experts, marketing is about explaining its capabilities to the users. Yulia regularly represents Atola at DFIR events, holds free workshops and webinars about Atola imagers functionality and advocates on the users' behalf to ensure that Atola keeps on adding value and raising the bar for the industry.
- Top digital forensic conferences in 2024 - January 1, 2024
- 2023. Year in Review - December 31, 2023
- Top digital forensics conferences in 2023 - January 1, 2023
Yulia Samoteykina
Director of Marketing Yulia believes that with a product that is exceptionally good at solving tasks of forensic experts, marketing is about explaining its capabilities to the users. Yulia regularly represents Atola at DFIR events, holds free workshops and webinars about Atola imagers functionality and advocates on the users' behalf to ensure that Atola keeps on adding value and raising the bar for the industry.
