Gain deep visibility into remote endpoint data to investigate cybersecurity incidents, data breaches, or employee wrongdoing.
Use FTK Enterprise to expose and investigate a variety of criminal and malicious activities, including data breaches, database tampering, inappropriate sharing of confidential company information, deletion of files, wiping of hard drives, or viewing of inappropriate content.
Discretion can be critical when conducting internal investigations, so FTK® Enterprise uses covert, agent-based technology to ensure that employees and teams aren’t alerted as you acquire remote data.
Eliminate the hours spent manually digging through endpoint registry data, internet history, and system summary files for the data you’re interested in. FTK Enterprise intelligently categorizes the most data artifacts to help you pinpoint key evidence faster.
Stop risks in their tracks with remediation capabilities that give you the ability to delete offending files, kill processes, and stop non-compliant activities across endpoints.
FTK Enterprise can deploy agents to each endpoint (including Macs), and then perform discreet agent-based remote collection to a secure, encrypted forensic container.
No VPN? No problem! FTK Enterprise is the leader in Off-Network Acquisition. Organizations can continue to perform data collections from traveling or ‘work from home’ employees who may not be connected to the VPN, as long as the endpoint is online.
Full-disk collection takes up time and storage space. With FTK Enterprise, you can perform a rapid risk assessment of a suspected compromised endpoint by previewing the contents to see the endpoint’s folder structure, filter for specific file and data types, and view files of interest before performing a collection.
Integrate FTK Enterprise with SOAR and SIEM solutions to instantly preserve and collect endpoint evidence upon detection of an intrusion, with optional FTK Connect automation. Exterro’s seamless integration with cybersecurity platforms like Cortex XSOAR reduces risk and speeds up internal breach investigations, with 24/7 real-time evidence collection and auditable preservation capabilities.
Conduct remote endpoint collection, preview, and remediation securely within a Zero Trust framework such as Zscaler, using encrypted public site server technology.
Easily compare an endpoint’s volatile data to the previous time you previewed it to locate differences in processes or applications that are running.
Target specific locations on the endpoint, then apply filters to limit the size and scope of the collection and bypass irrelevant data.
Collect, parse and render Apple Mail, iMessage, iWork files, Safari browser data, Outlook for Mac email, Mac Artifacts, and Mac system summary data like Spotlight Search, KnowledgeC, and Power Log data.