AccessData Releases New Version Of AD Enterprise

AccessData Group has announced the release of AD Enterprise 6.5, a new version of its software tool for managing internal forensic investigations and post-breach analysis.

The new release features enhancements to the software product’s existing post-breach analysis capabilities, including more thorough “memory analysis” searches for malware, targeted data preview and collection of all complex data types directly at the user endpoint, and improvements to the user interface that streamline investigations.

“AD Enterprise 6.5 provides even deeper visibility into data so organisations can investigate the causes and potential implications of a data breach, then act swiftly to conduct their post-breach analysis and execute crucial response actions,” said Tod Ewasko, Director of Product Management at AccessData.

“Unlike other solutions, no third-party software or complex scripting languages are needed in conjunction with AD Enterprise to manage the network investigation and post-breach analysis.”

AD Enterprise gives deep visibility into data residing on enterprise networks and employee devices so that IT executives and information security professionals can work with digital forensics experts to investigate possible employee wrongdoing, fact-check a whistleblower’s claims, respond to government inquiries or conduct post-breach analysis.

Highlights of AD Enterprise 6.5 include:

  • Live memory analysis — Enhanced searching capabilities enable users to conduct more thorough “memory analysis” in the aftermath of a breach, identifying possible malware that has been left behind on the network, which improves the speed of the response and reduces chain of custody risk during the investigation.
  • Targeted preview and collection — A remote agent deployed by the software product enables the preview of live data at the endpoint, anywhere across the enterprise, so investigators can then determine what data should be collected. This saves time as well as storage costs, since only data critical to the case needs to be pulled back and ingested into the tool for analysis.
  • Tasking collaboration among investigators — Built-in collaboration features enable investigators to communicate with each other and across departments to share notes and tasks and to escalate incidents, directly within the product.
  • Parsing additions — The addition of several new parsers helps investigators analyse even more data types. A few of the new parsers include Windows registry activity, several SSH parsers, Net Logon events, and parsers for Android including Google™ Hangouts, Kik, contacts from address books, calendars, SMS and call logs.


