Some months back, a product from Cyber Security Technologies (CST) found its way to us in the labs as a potential First Look. It was an Apple forensic tool and that alone made it interesting. Of course, all of the big guys manage Apple forensics, so I was interested in why this was such a big deal. I found out.
CST's technology takes advantage of native Apple capabilities and looks like a Mac, so Mac users doing Mac forensics are very comfortable. Also, because it taps into Mac capabilities, it digs deeper than a Windows tool might. I was hooked and when this issue came around, I wanted a deeper dive into the company that thought this up.
I found out that this tool - the Mac Marshal - is just an example of the company's thinking. They started back in 2002 doing live forensics, something very new back then. Subsequently, they addressed a perennial problem with computer forensics in law enforcement: backlog. That became CST's rallying cry and it guided their development efforts. The challenge was to get deeper analysis, but make it easier so the analysis process moves faster.
The company is following a tried-and-true approach to the market: Give the product to law enforcement and sell it to everyone else. If the product is solidly accepted in the criminal justice community, it will become a standard overall. That has built some of the giants into what they are.
The other thing that market strategy does is gather lots of feedback, especially during training classes. Feedback is how one makes products better. What's the CST roadmap? More products and improvements/enhancements to the current crop. We'll be watching this one very closely and I predict a very good ride.
Flagship product: Mac Marshal
Vendor: Cyber Security Technologies
Cost: $995, free to U.S. law enforcement
Innovation: Recognizing a serious problem set in computer forensics and building a creative solution
Greatest strength: A very close and analytic view of the computer forensic market, and the willingness to act on the vision that view inspires
