Collaborative Forensic Review with FTK Central
Empower reviewers, examiners, and investigators to work together to find evidence faster and produce results quickly with minimal training.
Share digital forensic evidence in real-time with case teams and external reviewers across the globe.
FTK Central is the only forensic platform that truly combines blazing-fast processing power, limitless scalability, and simplified review in a collaborative, web-based solution.
Collaborate Globally
Work together with external reviewers as well as team members in real time to uncover evidence faster.
Collect from Anywhere
Forensically collect data from anywhere. Perform covert on- or off-network collection from remote endpoints, as well as cloud data sources.
Process Evidence Faster
Configure multiple distributed processing engines to scale up and reduce processing time from days to just hours.
Conduct internal investigations with multiple reviewers with the intuitive Smart View.
WIth FTK Central, multiple investigators can work simultaneously on a single case, sharing evidence without duplicating work or wasting time. The user-friendly UI enables non-technical reviewers like HR or legal team members to be instantly productive with minimal training. Near-native views of mobile data, chats, spreadsheets, and Mac app artifacts help reviewers feel comfortable working with evidence.
Collaborate within and across jurisdictions with centralized evidence review.
Police forces are hamstrung by disjointed forensics workflows that create a mountain of data, evidence processing delays, and delayed justice for victims. FTK Central empowers frontline investigators to review their own evidence and collaborate with other examiners to reduce lab backlogs.
Identify malicious activity before it wreaks havoc with scalable Volatile Memory Collection.
Use FTK Central to determine if your organization has been compromised by examining traces of suspicious activity. Scan your network for clues like Indicators of Compromise (IOCs), YARA and MISP rules. Easily collect volatile data from up to 20,000 remote endpoints at once to preserve evidence and prioritize where to perform full-disk collections.
Additional Capabilities
-
Cloud Collection
Perform covert cloud data source collection from popular tools like the G Suite, Gmail, Microsoft Office365, Teams, One Drive, Exchange, and SharePoint, plus Slack and Box.
-
CSAM Support
Integration with Semantics 21 allows forensic investigators to easily share their CSAM image categorization work with collaborative hash databases like CAID and Project Vic.
-
Role-Based Access
Maintain security by setting permissions for each case file so reviewers only see data that is relevant for their assigned cases.
-
Optional Automation
Integrate with SIEM and SOAR solutions to automate the instant preservation of remote endpoint evidence upon detection of an intrusion. Automate case creation, evidence processing, searching and labeling – all without complicated scripting.
