Belkasoft Evidence Center 9.5 Aims to Help in Corporate Investigations
Belkasoft releases a major update to Belkasoft Evidence Center, the company’s
flagship digital forensic solution. The new release adds a number of features to
help IT security staff analyze incidents and perform remote investigations, investigate
hacking attempts and analyze evidence across case boundaries. With this update,
Belkasoft Evidence Center aims to help companies investigate incidents occurred
on their corporate network or corporate mobile devices.
Remote Acquisition of Corporate Computers and Smartphones
Belkasoft Evidence Center 9.5 adds a major new feature to enable IT security
personnel investigate incidents without leaving premises. Remote acquisition helps
investigators obtain full device images of corporate servers or workstations running
in a distributed environment. By using centralized deployment, IT security staff
may install an acquisition agent to any computer running on the corporate network.
This agent will then obtain full images of the computer’s volatile memory, hard
drives and connected smartphones without preventing normal operation and without the need to remove the hard
drive(s). Whether the organization has one or multiple locations, this new feature
allows non-invasive incident investigations in distributed environments.
Analyzing Hacking Attempts with Incident Investigation
Incident Investigation is another new feature that further expands how Belkasoft
Evidence Center is used in corporate environments. Incident Investigation helps
companies investigate hacking attempts of Windows-based computers by performing
an automated analysis of numerous sources. The tool analyzes the Windows registry,
event logs and memory dumps to discover traces of successful and unsuccessful remote
attacks that are commonly used to break in to the company's infrastructure.
Searching for, locating and analyzing evidence is a major function of Belkasoft
Evidence Center. The search engine has been massively enhanced and improved in version
9.5, allowing investigators locate and link evidence across different cases. Examples
of linked information may include email addresses, phone numbers, account ID’s or
user profiles that may be present in the current case as well as in older cases.
With this feature enabled, a cross-case search hit triggers a prominent alert in
the status bar.
Mobile Acquisition and Analysis
Belkasoft Evidence Center 9.5 improves mobile acquisition and analysis by adding
the ability to process and analyze Android phones’ backups made with the most popular
custom recovery TWRP. TWRP images contain file system images of the entire data
partition complete with all files and folders including sandboxed app space. For
iOS devices, the tool can perform the full file system extraction via a jailbreak.
The two features are provided via a separate Mobile Device Analysis module.
Other Improvements and Enhancements
Belkasoft Evidence Center 9.5 offers numerous performance and usability enhancements,
massively improved search performance and better reporting and exporting. More information
about what has been updated in version 9.5 is available at
About Belkasoft Evidence Center
Belkasoft Evidence Center is a world-renowned tool used by thousands of customers
for conducting mobile, computer, RAM and cloud forensic investigations. Belkasoft
Evidence Center can automatically acquire digital devices; discover, extract and
analyze evidence from a wide range of sources including mobile backups and dumps,
computer hard drives and disk images in all popular formats, and memory dumps. The
tool can capture and analyze volatile evidence stored in the computer’s RAM, identify
encrypted files, carve Internet chat logs, Web browsing history and email communications
including information stored in digital pictures and videos. The ability to process
office documents in a wide range of formats enables investigators to perform near-instant
full-text search among all the documents discovered on the suspect’s PC.
Low-level access to hard disk and system structures means that even data that
has been deleted by the suspect cannot escape from investigators. Supporting Windows,
Unix/Linux, Android and macOS file systems, natively mounting images created in
EnCase, FTK, X-Ways, DD and SMART formats, GreyKey, UFED and OFB images, JTAG and
chip-off binary dumps, and many popular virtual machines without using these or
any third-party tools, Belkasoft Evidence Center can collect more evidence than
any single competing tool in its class.
Pricing and Availability
Belkasoft Evidence Center is available immediately. Prospective customers are
welcome to request a quote at https://belkasoft.com/quote
or download the evaluation version at https://belkasoft.com/get
Existing customers with non-expired Software Maintenance and Support contracts
can update to version 9.5 free of charge. Incident Investigations, Remote Acquisition
and Cross-Case Search modules can be purchased separately.
Founded in 2002, Belkasoft is a global leader in digital forensics technology,
known for their sound and comprehensive forensic tools. With a team of professionals
in digital forensics, data recovery and reverse engineering, Belkasoft focuses on
creating technologically advanced yet easy-to-use products for investigators and
forensic experts to make their work easier, faster, and more effective.
With this focus in mind, Belkasoft introduces their flagship product,
Belkasoft Evidence Center—an easy-to-use,
integrated solution for collecting and analyzing digital evidence from mobile and
computer devices. Customers in law
enforcement, police, military, business, intelligence agencies, and forensic laboratories
in 130+ countries worldwide use Belkasoft products to fight homicide, crimes against
children, drug trafficking, data leakage, fraud, and other online and offline crimes.
More information about the company and its products at
# # #
Information on Belkasoft Evidence Center as well as the free demo download are
available at https://belkasoft.com/get
The complete list of additions and enhancements in the current release is available