Cyber Security Technologies Mac Marshal
May 01, 2013
Cyber Security Technologies, IncProduct:
Mac Marshal Forensic Edition for Macs: $995; for PCs: $795; Bundle: $1,395; Field Edition: $1,795.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: These products make it easy to investigate a Mac, dual-boot or virtualized OS running on the Mac.
- Weaknesses: There is little documentation with the product or on the website to help users get started.
- Verdict: This set of products allows users to engage all features with ease when working in a Mac or hybrid Mac/PC environment.
Both Mac Marshal Forensic Edition and Field Edition provide user-friendly forensic tool kits. Each allows users to access a computer with ease and flexibility. While these offerings were designed originally for Mac OS X to access data, logs and virtual machines running within the Mac OS, the Forensic Edition for PCs will also work with MS Windows.
The Mac Marshal Forensic Edition software comes either on a disk or can be downloaded from the company's site and then installed onto the computer. This product allows the user to run on a Mac OS X 10.4 or later and Microsoft Windows XP or later. With this tool, one is able to examine the designated drive to a full extent. With the Forensic Edition, users are able to gather data from every Apple device connected to the computer being examined. When used on a Mac's features, the user is able to collect log information from the most common Mac apps, such as Safari, iChat, Mail and Address Book. This product provides a simple tool to access drives on a Mac or PC.
The other offering is Mac Marshal Field Edition. This iteration can be used on either a Mac or PC. The software comes on a flash drive and there is no installation to run on the computer. The Field Edition includes everything that the Forensic Edition bundle has, except that it is a live triage tool. Unlike the Forensic Edition, the Field Edition is able to be used on a computer without having to tamper with the unit. Other features of the Field Edition include physical memory acquisition and live-state acquisition tools, helping to preserve the computer data before creating an image. Both products allow for ease with navigation when viewing the chosen drive(s).
The support for each of the products is basic. Both include electronic manuals that offer a lay description of how to use the products. As for the website, there is not much instruction offered. The customer support is free for the first year, and is then 20 percent of the license price. The only type of support available is by email. We found this to be the major downside of the product itself. As a test, we emailed the support staff to see how responsive they were and were pleased to see that our inquiry was answered within 24 hours, and that their online support works standard business hours, five days a week.
Overall, this is a product that is worth investing in. It is easy to view a disk and gather data based on what is found. Both products are reasonably priced and worth every penny - with the caveat that the customer service is limited. However, that does not affect the value of the product itself. These tools are both useful in forensics on Macs and PCs, providing access to dual-boot Macs and common applications found on these types of operating systems. Mac Marshal Forensic and Field Edition are each a worthy investment for any forensics investigator.
[Editor's note] To help avoid confusion, there are four versions of this offering: a Mac version, a PC version, a Forensic Edition and a Field Edition. Mac works just with Mac. PC works just with PC. The other two work with both.
SC Magazine Articles
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Voter databases in two states breached by foreign hackers, FBI
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet
- Ransomware: The evolution of cybercrime, a roundtable
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- China allows foreign tech firms to participate in creating cybersecurity standards
- Fantom and FairWare ransomware discovered
- Six senators urge Obama to prioritize cybercrime at G20 summit
- Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections
- Privacy advocates upset over FAA drone regulations, citizen takes action