Cyber Security Technologies Mac Marshal
May 01, 2013
Cyber Security Technologies, IncProduct:
Mac Marshal Forensic Edition for Macs: $995; for PCs: $795; Bundle: $1,395; Field Edition: $1,795.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: These products make it easy to investigate a Mac, dual-boot or virtualized OS running on the Mac.
- Weaknesses: There is little documentation with the product or on the website to help users get started.
- Verdict: This set of products allows users to engage all features with ease when working in a Mac or hybrid Mac/PC environment.
Both Mac Marshal Forensic Edition and Field Edition provide user-friendly forensic tool kits. Each allows users to access a computer with ease and flexibility. While these offerings were designed originally for Mac OS X to access data, logs and virtual machines running within the Mac OS, the Forensic Edition for PCs will also work with MS Windows.
The Mac Marshal Forensic Edition software comes either on a disk or can be downloaded from the company's site and then installed onto the computer. This product allows the user to run on a Mac OS X 10.4 or later and Microsoft Windows XP or later. With this tool, one is able to examine the designated drive to a full extent. With the Forensic Edition, users are able to gather data from every Apple device connected to the computer being examined. When used on a Mac's features, the user is able to collect log information from the most common Mac apps, such as Safari, iChat, Mail and Address Book. This product provides a simple tool to access drives on a Mac or PC.
The other offering is Mac Marshal Field Edition. This iteration can be used on either a Mac or PC. The software comes on a flash drive and there is no installation to run on the computer. The Field Edition includes everything that the Forensic Edition bundle has, except that it is a live triage tool. Unlike the Forensic Edition, the Field Edition is able to be used on a computer without having to tamper with the unit. Other features of the Field Edition include physical memory acquisition and live-state acquisition tools, helping to preserve the computer data before creating an image. Both products allow for ease with navigation when viewing the chosen drive(s).
The support for each of the products is basic. Both include electronic manuals that offer a lay description of how to use the products. As for the website, there is not much instruction offered. The customer support is free for the first year, and is then 20 percent of the license price. The only type of support available is by email. We found this to be the major downside of the product itself. As a test, we emailed the support staff to see how responsive they were and were pleased to see that our inquiry was answered within 24 hours, and that their online support works standard business hours, five days a week.
Overall, this is a product that is worth investing in. It is easy to view a disk and gather data based on what is found. Both products are reasonably priced and worth every penny - with the caveat that the customer service is limited. However, that does not affect the value of the product itself. These tools are both useful in forensics on Macs and PCs, providing access to dual-boot Macs and common applications found on these types of operating systems. Mac Marshal Forensic and Field Edition are each a worthy investment for any forensics investigator.
[Editor's note] To help avoid confusion, there are four versions of this offering: a Mac version, a PC version, a Forensic Edition and a Field Edition. Mac works just with Mac. PC works just with PC. The other two work with both.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- Education sector bullied by ransomware and can barely defend itself, report
- IoT assault, connected devices increasingly used for DDoS attacks
- RAUM weaponizes torrents to deliver malware
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- RIG EK rigged to steal tricks from Neutrino in fight to fill Angler's void
- SWIFT adds additional protective measures for members to ensure cybersecurity compliance
- 185M incidents bypassed perimeter defenses - report
- Pagers found leaking patient health information
- OVH suffers massive 1.1Tbps DDoS attack