Verdict: FTK will continue to be our computer forensic workhorse and we make it SC Lab Approved for another year.
Verdict: This belongs in every lab doing mobile device forensics. Not only is it a solid tool, it is perfect for triage. We make this our Best Buy this month.
Verdict: We wish that we could afford this tool for our lab but, as powerful as it is, it is far out of the range of any but large organizations with significant investment in forensics and DFIR.
Verdict: This has become a mainstay in the lab for tracking research projects, all of which behave a lot like digital forensic investigations. Over the past year we have not retained our research records because there was no need to. This year, need or not, we will. We make this ...
Verdict: While monitoring remote sessions may not be the first thing you consider when you are planning DFIR, if you are accessing servers and critical/sensitive workstations remotely you should consider this product strongly, no matter what the size of your enterprise is. This is our Recommended product for this month.
Verdict: This is probably the best analytics tool we've seen and the notion of feeding with a SIEM is intriguing for its significant possibilities. We certainly will be doing that here in the Labs. NIKSUN has been SC Lab Approved since we started the program and we continue that for another ...
Verdict: Solid malware analysis tool, especially good for engineers just getting started with malware analysis. We make this our Recommended tool for this month.
Verdict: Since this is SC Lab Approved, the obvious verdict is that it is a first-rate tool and merits examination if you are looking at doing in-house malware analysis (and you should be). We continue to rate this one SC Lab Approved for its heavy utility in our lab and superior ...