ADF Solutions Triage-Examiner
May 01, 2012
Triage-Examiner one-year software license (includes kit): $1,448; one-year license renewal: $999; Lab Add-On module one-year software license: $699; one-year license renewal: $499.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Can use with multiple computers simultaneously, great customer support, clear reports.
- Weaknesses: Initial setup and documentation causes confusion.
- Verdict: Excellent product, streamlined and ideal for collection prior to full investigation.
We first installed Triage-Examiner by inserting the Triage Key USB, which required little user interaction, into the target computer. The same key is later prepared to conduct the examination. The first time that the software is implemented requires users to insert the Authentication Key USB to back up the license file. The console opens and users can select either a quick or complete scan. When preparing a scan, the user selects which drive to search and for what to search. From here, the Triage Key can be removed and plugged into any computer. An auto-run box pops up and the scan can begin. Scans provide a live feed of progress and results by category. Users can suspend the scan at any time to view the results up to the interruption. When the scan is done, evidence is clearly presented in a regimented report, which can be exported as HTML and converted to a PDF. Reports offer tags, which label through color codes evidence by significance. The speed and presentation of Triage-Examiner's collected evidence was impressive.
The Triage Key has a third functionality, which is replicated in the bootable CD: If a target device is turned off or locked, the USB or CD can reboot the system. The Lab Add-On option is a third USB. This allows the user to scan suspect drive images, write-blocked physical drives and other removable media.
This is a powerful and versatile forensic tool. It is compatible with Apple products and any other removable media devices. The user interface is refreshingly simple to navigate, buttons are large and certain options provide a quick description of functionality. The reports are very clear, albeit lengthy, and provide a tally of tagged items.
The documentation that came with the Triage-Examiner leaves something to be desired. Screen shots are either blurry or small, and there is little to no description per image. Certain instructions are not clearly explicated, though they can be figured out or clarified by customer service - which is not offered 24/7, but is available by phone, email or an online support ticket. If customer assistance is unavailable by phone, voicemail is offered with a timely response. The service reps were quite familiar with the product, providing extensive assistance and instruction.
The price for the Triage-Examiner and Lab Add-on, both complete with a one-year license, is $2,187. The one-year license renewal for Triage-Examiner by itself is $999 and is $499 for the Lab Add-on. This product is worth the value. As a forensic examination tool that is used prior to a full investigation, it is very strong.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes