Product Details
PRODISCOVER IR
This Product Review is in the following Category:
Security Management, Assessment, Incident Response
This Product Review is in the following Sub-category:
IT Forensics
|
Version: | |
|---|---|---|
| Vendor: | Technology Pathways | |
| Price: | £12,995 | |
| Date: | 1-May-08 | |
| Author: | Peter Stephenson |
ProDiscover Incident Response is a tried-and-tested favourite in the forensics sector. This product focuses mostly on doing forensic analysis across the network on a computer while it is live without being detected. This allows quick and direct incident analysis either after an incident has taken place or while it is happening. With this product investigators can create images of disks, memory, or detect hidden Trojans and rootkits.
As we have found in the past, ProDiscover is fairly easy to use, and not much has changed since we last saw it. The look of the program itself is the same, with an easy-to-navigate tree structure similar to using Windows Explorer.
Most tasks are done through a few simple clicks of the mouse and data can be found quickly and easily. However, it is one of the most useful tools you will find when responding to a digital incident.
In the world of live forensics, this is a solid product. It includes many viewers that make conducting forensic investigations quick and easy. Not only does this product allow examination of files and folders on a disk, but an investigator can also look inside internet history files and view the registry of a machine. ProDiscover IR provides the ability to be as granular as needed quickly and effectively.
The two accompanying manuals include a user guide that covers the product from A-Z, starting at installation and going through all of its many features in great detail. It features many screenshots and offers clear step-by-step instructions. The second part of the documentation is the ProScript API manual. This helps users code scripts that can be leveraged by ProDiscover's Perl script base.
Support is based on an annual maintenance subscription and includes phone and email assistance from Technology Pathways. There is also a small support area on the website that features product downloads, a support forum and product documentation.
At a price of almost £13,000 this product seems a bit pricey for software. However, we consider it good value for money based on its ease of use and highly comprehensive feature set. Even at this price it is an order of magnitude compared to its competitors.
Other product reviews from this Supplier
PRODISCOVER FORENSIC 4.9ProDiscover IR v 4.9
ProDiscover Incident Response
ProDiscover Incident Response
Related product reviews in this subcategory
GlobalAdmin Enterprise Security SuiteCyberAngel
NetSwift iGate
LapTrak (Mobile Security group test)
Magi Enterprise (Telecommuting group test)
This product is in the following Group Test
Network forensics (2008)
Product Rating
Features |
***** |
Ease of Use |
***** |
Performance |
***** |
Documentation |
***** |
Support |
**** |
Value for Money |
***** |
Overall Rating |
***** |
For:
Highly comprehensive feature set for doing live forensics across a network
Against:
Could use a bit more in the support area, but that is nitpicking
Verdict:
If you are looking for an over-the-network forensics tool, this is the one
