Content

Analysis and testing: Innovators 2015

This usually is a very big category. However, a lot of fine Innovators in this space have passed into the Hall of Fame in prior years. There are several possible sub-categories here, however, and we scoured our resources for players in all of them that we felt would fit into a list of Innovators. Along the way we asked where, in terms of analysis and testing, would we most likely be successful in our hunt? The answer, actually, was pretty obvious: digital forensics.

Cyberforensics may be the poster discipline for testing.

Since we have a specialty in cyberforensics, it seemed only natural to go to our own tool kit and see what pops out. We have some fine tools in our kit and we have used a lot more and reviewed a lot more still. For all of that, just one jumped out at us. Always opting for quality over quantity, we were quite happy with this one Innovator and we think you'll agree that they are pretty creative in a lot of ways. They also are living proof that you don't need a big organization to turn out a first-rate product with a lot of innovation behind it.

Cyberforensics may be the poster discipline for testing. In fact, as we discussed products in other sections of this year's issue, we found that many, regardless of category, were at pains to point out that they had good forensic capabilities. Indeed, digital – or, if you prefer the jargon of the day, cyber – forensics is emerging as a popular buzz-phrase, key to a lot of functionality in information security. It also seems to be attracting more students than many other disciplines, certainly many other technology disciplines. Perhaps it's the “CSI Effect,” but whatever it is, it is one of the defining functions of many security tools and services.

So, with just one incumbent in this category – but a fascinating incumbent it is – let's move on to our last group before we enter the hallowed halls and corridors of the Innovators Hall of Fame.

Vendor SiQuest  

Flagship Product Internet Examiner Toolkit 

Cost $1,495. 

Innovation Combining several approaches to cyberforensics in a single tool informed by the internet. 

Greatest strength Attention to user needs and passion for digital forensics.

SiQuest

This is not a big company. In fact, it is a small company and has been for all of its 14 years of business. We looked at SiQuest last year and have used its tool off and on for various testing projects since then. It's history is interesting, much of it grew out of the Casey Anthony murder trial some years back. The SiQuest tool – it had another name then and far less functionality than it does today – figured prominently in law enforcement testimony. After that, this Innovator went back to the drawing board and the result was IXTK, the Internet Examiner Tool Kit.

There are other forensic tool kits that look at the internet so where's the innovation? There are other forensic tools that do dead box analysis, where's the innovation? The answer is in the fact that IXTK does both. In fact, it doesn't just do both, it informs dead box forensic analysis with information it combs live from the internet. As far as we know, it is the only tool to do that. But, as they say on late night television, there's more.

IXTK also can develop a good forensic picture from internet data by looking for it live. So we have a single tool that does dead box forensics, internet forensics and a combination of the two. What more could there be? How about social media forensics? And how about mobile devices? All of this is in the tool and on top of that, the tool is a walk in the park to use. If you ever have used a digital forensics tool – just about any digital forensics tool – you won't even need the manual to get this one up and productive (word of warning, though, read the manual just in case you need to testify about your findings in court).

From an “under the covers” perspective, another innovation is the way the tool indexes. Rather than create an entire index of all of the data in an image – if you do forensics you know how long that can take on a big disk – it simply looks for and indexes just the artifacts – and, beyond that, just the artifacts you want. That can be selected from a menu.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.