Forensic Toolkit or FTK is a software technology used to perform computer forensics investigations. AccessData, creator of FTK is founded in 1987 with 6 global offices and 30 years experience in the industry.
It features unique distributed processing, which is an efficiently streamline processing time and reduces case backlog. Backlog is an accumulation of something, especially uncompleted work or matters that need to be dealt with.
FTK processes and indexes as data becomes available, thereforee time is not used for waiting searches to run, which makes relevant evidence collection quicker. Time can be alloted to analysis.
It has team data sharing capability. A shared case database is made available to other examiners on the team, reducing cost and complexity of creating separate case access and tracking. FTK is using PostgreSQL database ideal for handling large data. All functionalities are made available through its graphical user interface which sports display of data in timelines, cluster graphs, pie charts, geolocation.
For more info on the technical specifications, click here.
FTK includes a standalone disk imaging program called FTK Imager which is important in making image for hard disk and other non-volatile memory media.
No comments:
Post a Comment