Cyber Security Technologies Mac Marshal
May 01, 2013
Cyber Security Technologies, IncProduct:
Mac Marshal Forensic Edition for Macs: $995; for PCs: $795; Bundle: $1,395; Field Edition: $1,795.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: These products make it easy to investigate a Mac, dual-boot or virtualized OS running on the Mac.
- Weaknesses: There is little documentation with the product or on the website to help users get started.
- Verdict: This set of products allows users to engage all features with ease when working in a Mac or hybrid Mac/PC environment.
Both Mac Marshal Forensic Edition and Field Edition provide user-friendly forensic tool kits. Each allows users to access a computer with ease and flexibility. While these offerings were designed originally for Mac OS X to access data, logs and virtual machines running within the Mac OS, the Forensic Edition for PCs will also work with MS Windows.
The Mac Marshal Forensic Edition software comes either on a disk or can be downloaded from the company's site and then installed onto the computer. This product allows the user to run on a Mac OS X 10.4 or later and Microsoft Windows XP or later. With this tool, one is able to examine the designated drive to a full extent. With the Forensic Edition, users are able to gather data from every Apple device connected to the computer being examined. When used on a Mac's features, the user is able to collect log information from the most common Mac apps, such as Safari, iChat, Mail and Address Book. This product provides a simple tool to access drives on a Mac or PC.
The other offering is Mac Marshal Field Edition. This iteration can be used on either a Mac or PC. The software comes on a flash drive and there is no installation to run on the computer. The Field Edition includes everything that the Forensic Edition bundle has, except that it is a live triage tool. Unlike the Forensic Edition, the Field Edition is able to be used on a computer without having to tamper with the unit. Other features of the Field Edition include physical memory acquisition and live-state acquisition tools, helping to preserve the computer data before creating an image. Both products allow for ease with navigation when viewing the chosen drive(s).
The support for each of the products is basic. Both include electronic manuals that offer a lay description of how to use the products. As for the website, there is not much instruction offered. The customer support is free for the first year, and is then 20 percent of the license price. The only type of support available is by email. We found this to be the major downside of the product itself. As a test, we emailed the support staff to see how responsive they were and were pleased to see that our inquiry was answered within 24 hours, and that their online support works standard business hours, five days a week.
Overall, this is a product that is worth investing in. It is easy to view a disk and gather data based on what is found. Both products are reasonably priced and worth every penny - with the caveat that the customer service is limited. However, that does not affect the value of the product itself. These tools are both useful in forensics on Macs and PCs, providing access to dual-boot Macs and common applications found on these types of operating systems. Mac Marshal Forensic and Field Edition are each a worthy investment for any forensics investigator.
[Editor's note] To help avoid confusion, there are four versions of this offering: a Mac version, a PC version, a Forensic Edition and a Field Edition. Mac works just with Mac. PC works just with PC. The other two work with both.
SC Magazine Articles
- Brexit shakeup: How will the U.K.'s exit from the EU affect the technology sector?
- Blasphemy! Godless malware preys on nearly 90 percent of Android devices
- 'Password attacks' continue; Citrix becomes latest victim
- Dangerous connections: Risky LinkedIn behavior runs rampant, finds survey
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- CEO sacked after aircraft company grounded by whaling attack
- Wendy's POS breach 'considerably' bigger than first thought
- Microsoft warns of new, self-propagating ransomware in the wild
- No hacking required: Israeli researchers show how to steal data through PC components
- IRS implements new authentication safeguards
- Darktrace boss says we are living in a "golden age of criminality"
- UK Cyber-security after Brexit: May not be as bad as it first appears
- Industry, privacy groups: EU and U.S. Privacy Shield changes unlikely to ease concerns
- District court judge: FBI's hacking trick does not require warrant