WetStone Technologies US-LATT
August 02, 2010
Free for law enforcement agencies; LiveU3: $695 (4GB) and $795 (32GB)
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Quick and efficient way to collect critical system data.
- Weaknesses: Report file can be a bit tedious to navigate. Available only to law enforcement agencies.
- Verdict: A strong product with great value to the law enforcement community. We’d like to see it in the general forensic community.
WetStone US-LATT provides investigators with the ability to collect critical, live system data. The tool uses a USB U3 smart device with user-defined configurations to capture data on live systems, and it uses Windows Auto Run to collect critical information, such as network data, hardware inventory, complete memory dump, and more.
The US-LATT USB Configurator program quickly and efficiently loads capture specifications onto the USB device. On inserting the USB device into a suspect system, US-LATT works quickly to gather information specified by the US-LATT USB Configurator. A complete collection of a Windows XP machine, which included a complete 2GB memory dump, finished in 10 minutes.
The configuration of the US-LATT USB device is a simple three-step process. The first step is to input investigator information. The second step is a simple screen with more than a dozen options that can be turned on or off through checkboxes. The third step involves loading the configuration to the USB device. After the USB device is configured, it is ready to be inserted into a suspect system. When you insert the configured USB device into a system, US-LATT instantly starts the data collection.
A report on the information collected is created by the US-LATT Import and Report Generation program on the configuration machine. The report is contained in a single HTML file. We think this is the biggest weakness of US-LATT. After each section, there is a link back to the navigation menu, but moving through the report is difficult as the navigation menu is only located at the top of the page. The program also allows investigators to "quick erase" the data collected after import.
The documentation provided is a PDF that contains installation, configuration and usage information. This is fully searchable along with links and bookmarks.
WetStone is currently under contract with the National Institute of Justice to provide US-LATT free to state and local law enforcement. We feel that this is an excellent value to the law enforcement community. We wish that it was available to non-law enforcement organizations.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- USAA members hit with multiple phishing attacks
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- U.S. government extends offer to protect states from electoral cyberthreats
- Cisco shedding 7% of its workforce
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- The media becomes the story as hackers focus efforts on news organizations
- Researchers quell Wildfire ransomware with decryption key
- M&A deals bring added cybersecurity risks
- Twitoor first Android malware known to leverage Twitter for command and control
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet