Belkasoft Triage is a new digital forensic and incident response tool developed specifically for a quick analysis of a live computer and making a partial image of important data.
Belkasoft T is designed to assist in situations when an investigator or a first responder is at the scene of incident and needs to quickly identify and obtain specific digital evidence stored on a Windows machine.
The product is irreplaceable in situations of time pressure, when there is a need to quickly detect presence of specific data and obtain investigative leads instead of conducting an in-depth analysis of all the digital evidence.
Launch Belkasoft Triage from a dongle connected to a device being investigated
Detect 1500+ types of computer, mobile and cloud artifacts such as emails, chats, browsers, system settings and others
Automated acquisition of a computer RAM dump
Detect presence of virtual machines, memory files and mobile backups
Detect skin tone in found pictures
Calculate file hash values and show an immediate alert on files with known hashes
Stop the analysis at any time once you got enough information
Export discovered results partially or entirely
Select evidence to be included into the resulting image
Belkasoft Triage is Belkasoft's new DFIR tool that enables an investigator to extract and filter out important data relevant for your case from running computers.
During this webinar, Belkasoft's CEO will speak about how the new product helps you in your investigation needs. You will also get a sneak peek into the new product during the demo session.
The product is user friendly enabling both experts and non-technical specialists to use it out of the box
Belkasoft T is portable and can be started from a dongle
In a matter of minutes, you will get the information of presence of data you are looking for, such as, for instance, Skype profile or Outlook mailbox
Belkasoft T can be easily configured during operation and does not require special knowledge to set up
Images acquired with Belkasoft T can be analyzed in Belkasoft X for a deeper insight into the content of the copied data
Run Belkasoft T from a dongle
Select a folder or disk
Acquire RAM if needed
Configure options, such as hash set databases and skin detection
Start the analysis and review the discovered application profiles
Export selected data into an image readable by Belkasoft X as well as other forensic tools