AccessData® Enterprise provides network-enabled digital investigations, built on AccessData's court-validated Forensic Toolkit® technology, AD Enterprise delivers remote incident response capabilities, deep dive analysis of both volatile and static data, as well as threat detection capabilities within a GUI console interface. A role-based permission system, an intuitive incident response console, secure batch remediation capabilities, searching and filtering, and comprehensive logging and reporting are some of the features provided by AD Enterprise.
- Content Monitoring Alerts - Quickly correlate user activity with a content monitoring alert and forensically preserve relevant data.
- Employee Malfeasance - Conduct complete forensic investigations over the wire in stealth to verify whether malicious activity has occurred.
- IP Theft - Conduct quick and thorough investigations of multiple individuals with a focus on user files and email.
- Computer Usage Violations - Quickly scan the network for unapproved processes and preview drives to determine if computer usage violations have occurred.
- Legal Matters - Conduct complete forensic investigations over the wire to identify, analyze and collect sensitive data relevant to any given matter.
External Threat Analysis
- Hacking - Thoroughly and rapidly scan thousands of machines to determine scope of a breach and perform root cause analysis.
- Malware - Scan thousands of machines quickly for unknown and known malicious processes and dlls.
- Advanced Persistent Threats - Identify malicious artifacts running in memory.
- IDS Alerts - View current activity on a given machine to resolve IDS alerts.
- Compromise Assessment - Create a threat profile and audit to identify all contaminated machines.