Bit9 Analyzer™
Do you spend a lot of time and effort filtering out known good files as part of EnCase forensics?
Bit9 Analyzer enables you to separate known good software from unknown or malicious software, based on a snapshot of the world's largest database of reputed software (the Bit9 Global Software Registry, or GSR). As a result, you can direct scanners only at the subset of files that are unknown, open source or malicious code.
Bit9 Analyzer empowers EnCase users to take advantage of the comprehensive repository of whitelisted binary code and executables. EnCase Enterprise and EnCase CyberSecurity are integrated with Bit9 Analyzer through the user interface console and can retrieve metadata as necessary to conduct appropriate cyber forensics and eDiscovery.
Bit9 Analyzer for EnCase, based on the Global Software Registry, reduces investigations from days to hours.
Fast Facts
- Shorten the duration of your investigation and expedite audits by filtering known good files from the investigation.
- Eliminate false positives by isolating known trusted files and software through EnCase UI filters against the Bit9 GSR.
- Identify binaries and executables that have violated corporate policies and regulatory compliance.
- Hash lookups submitted as SQL queries return a set of basic metadata (file name, version, publisher, trust level, etc.) related to each file.
- Analyzer is delivered as a hard disk with the latest snapshot of the GSR database. Updates to the database are provided each month over the web.