OnLineDFS enables a rapid but forensically sound determination about whether an issue exists in a computer so that quick action can be taken to address the situation. Since OnLineDFS enables non-disruptive but forensically-sound examination and information-gathering, including from systems which are geographically remote from the investigator, it is an ideal tool for compliance auditing and e-discovery data collection. And because OnLineDFS does not rely on pre-installed agents, it is an excellent solution for law enforcement when called upon to conduct a live investigation, especially in a corporate or other networked computing environment.
OnLineDFS is structured to enable the capture, search and analysis of three major categories of data:
Volatile system state data;
Memory and registry data;
These are the key attributes of OnLineDFS.
Examines running systems
Requires no preinstalled agents
Provides an investigative methodology beginning with "triage" of the target computer, and then enabling an investigation to go in whatever direction the initial results lead
Minimizes impact to and disruption of the target system