Belkasoft Evidence Center 2018 v.8.5 Offers Advanced Mobile Forensics and RAM Analysis
SUMMARY
Belkasoft rolls out an update to Belkasoft Evidence Center 2018 (BEC). The new release
delivers major improvements in the areas of live memory analysis and volatile evidence
acquisition, improved mobile forensics with Android 7 support, and support for wallet
apps of two popular crypto-currencies Bitcoin and Ethereum.
Sign up for a webinar on new BEC!
Belkasoft updates Belkasoft Evidence Center 2018 with multiple improvements,
offering live memory analysis and malware detection for Windows 10 RAM dumps and enhancing support for
Android physical acquisition. Belkasoft’s digital forensic suite now supports wallet
apps for two of the most popular crypto-currencies Bitcoin and Ethereum, allowing
experts to analyze transaction made with those crypto-currencies.
In addition, Belkasoft Evidence Center 2018 brings support for the latest mobile
apps, technologies and operating systems up to date. iCloud backup downloader now
supported for all versions of iOS up to and including iOS 11, while logical acquisition
of Android devices now supports Android 7 Nougat.
“Evidence Center is a well-established digital forensic tool”, says Yuri Gubanov,
Belkasoft CEO. “In this release, we are bringing the tool in sync with the latest
desktop and mobile operating systems, apps and cloud services. We have also started
to recognize the importance of digital crypto-currencies, allowing investigators
to access transaction data in Bitcoin and Ethereum wallets.”
Carving for Volatile Evidence: Full Windows 10 Support
Belkasoft pioneered volatile evidence carving in Evidence Center quite some years
ago. The technology works by analyzing volatile memory (RAM) dumps captured from
live systems, enabling the discovery of essential evidence among the highly fragmented
memory dump by analyzing and reconstructing the page tables.
Up until now, the ability to carve evidence was limited to memory dumps obtained
from systems running Windows 7 and older. In this release, Belkasoft Evidence Center
8.5 brings the signature carving feature to the next level, adding full support
for memory dumps obtained from computers running all versions of Windows 10. With
Windows 10 now running on some 43 per cent of compatible Windows devices, there
could be no better time to introduce this feature.
In addition, the revamped analysis module now offers new process extraction and
visualization options, allowing experts to quickly review process that were running
on the system being investigated.
Logical and Over-the-Air Acquisition Now Support iOS 11
Belkasoft Evidence Center 8.5 brings support for logical and over-the-air acquisition
of iPhone and iPad devices running iOS 11. For iOS devices, Belkasoft Evidence Center
8.5 supports logical acquisition through iTunes backups as well as over-the-air
extraction from iCloud. Version 8.5 brings support for the latest changes in Apple
iCloud, allowing experts to download and analyze backups produced by iOS 11 devices.
Digital Wallet Support for Crypto-Currencies
In the world of traditional forensics, a digital wallet is an app that stores
information about the user’s payment methods, discount and loyalty cards. The raise
of crypto-currencies such as Bitcoin and Ethereum has changed that perception. A
digital wallet now keeps the actual money, and stores information about the user’s
financial transactions.
Evidence Center 8.5 adds support for crypto-currency wallets Bitcoin, Armory,
and Jaxx, and supports two of the most popular crypto-currencies: Bitcoin and Ethereum.
About Belkasoft Evidence Center
Belkasoft Evidence Center is a world-renowned tool used by thousands of customers
for conducting computer and mobile forensic investigations. Belkasoft Evidence Center
can automatically discover, extract and analyze evidence from a wide range of sources
including computer hard drives and disk images in all popular formats, memory dumps,
mobile backups and chip-off dumps. The tool can capture and analyze volatile evidence
stored in the computer’s RAM, identify encrypted files, carve Internet chat logs,
Web browsing history and email communications including information stored in digital
pictures and videos. The ability to process office documents in a wide range of
formats enables investigators to perform near-instant full-text search among all
the documents discovered on the suspect’s PC.
Low-level access to hard disk and system structures means that even data that
has been deleted by the suspect cannot escape from investigators. Supporting Windows,
Unix/Linux, Android and Mac OS X file systems, natively mounting images created
in EnCase, FTK, X-Ways, DD and SMART formats, UFED and chip-off binary dumps, and
many popular virtual machines without using these or any third-party tools, Belkasoft
Evidence Center can collect more evidence than any single competing tool in its
class.
About Belkasoft
Founded in 2002, Belkasoft is a global leader in digital forensics technology,
known for their sound and comprehensive forensic tools. With a team of professionals
in digital forensics, data recovery and reverse engineering, Belkasoft focuses on
creating technologically advanced yet easy-to-use products for investigators and
forensic experts to make their work easier, faster, and more effective.
With this focus in mind, Belkasoft introduces their flagship product, Belkasoft
Evidence Center – an easy-to-use, integrated solution for collecting and analyzing
digital evidence from mobile and computer devices. Customers in law enforcement,
police, military, business, intelligence agencies, and forensic laboratories in
70+ countries worldwide use Belkasoft Evidence Center to fight homicide, crimes
against children, drug trafficking, data leakage, fraud, and other online and offline
crimes.
Belkasoft US is located at 3724 Heron Way, Palo Alto CA 94303.
More information about the company and its products at https://belkasoft.com
# # #
Information on Belkasoft Evidence Center as well as the free demo download are
available at https://belkasoft.com/get
The complete change log is available at https://belkasoft.com/new