EnCase Forensic v7
May 20, 2013
£2,282, includes one-year SMS
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A solid computer/media/mobile device forensic tool with a history of experience
- Weaknesses: Can be dicey to set up in a network environment with multiple other products’ CodeMeter dongles running on a networked licence server
- Verdict: The usual reliable, solid offering we expect from this vendor
Encase Forensic v7 is a tool for computer investigation that both searches a computer system for information, as well as aids in the process of developing this information into a complete report. This software can decrypt high-level forms of encryption, create an image of the physical drive, and then generate reports on the evidence.
After some initial challenges - the package we received did not include all necessary information - we were able to contact Guidance Software and receive the files necessary to install the software. The customer service was helpful in getting us through the install process after we encountered problems getting the software fully functional. We must say it took a lot of time to finally get all of the necessary information for the installation process.
We determined that the software had trouble running on a network of computers using multiple CodeMeter dongles. The EnCase software would run and display an error message claiming it did not have all proper licence certificates. Forensic v7 uses a secure key from the CodeMeter dongle so when operating on a network with multiple dongles, it had trouble identifying which secure keys related to the product. To get it to run on our network, we had to disable all our other tools that used a similar secure key. Otherwise, it would try to identify these keys as its own and fail to run. This means that while the software ran very well once it had its licence identified, it might prove to be a nuisance on systems with many tools running that use CodeMeter dongles. Disabling the other secure keys would be both time-consuming and prevent one from using multiple tools in tandem. Therefore, our installation was time-consuming and we had to jump through hoops to get the software to operate on our network, though it did eventually work - and work very well, indeed.
EnCase Forensic v7 claims to be a comprehensive, industry-standard computer investigation solution - and it does not disappoint. The user interface is a clean, simple and comfortable platform from which to work. The flexibility and versatility of the interface is one of the product's greatest strengths, as it creates a more valuable experience for the user. The features also help to make it an attractive option. It provides the capability to analyse Linux, Unix and Mac systems, as well as major phone and tablet operating systems, such as Android, Apple iOS and more. The evidence processor is customisable and efficient.
The interface of the program is easy to use and user friendly. The software is well organised. The search results becoming available as they load is also a useful feature, as is the ability to create a report of the evidence and findings. While the software encountered minor difficulties when beginning the installation process, the support staff were so helpful and were able to help us develop a workaround for our particular network.
EnCase is, arguably, the grandparent of computer forensic tools and this legacy of experience shows in each new release. This one is no exception. Version 7 has a good combination of ease of use for the novice and comprehensive capability for the power user.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry