ProDiscover Forensic 4.9
May 01, 2008
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Easy to use for a single-system forensic investigation
- Weaknesses: Greater flexibility for evidence sources would help
- Verdict: A solid forensic application that is above average for this kind of package
ProDiscover allows for scripting of commands using Perl script programming language. The scripts can be handy to automate tasks that are routinely performed as part of a forensic investigation. The product is pretty feature-rich, but having internal viewers as opposed to loading the applications would be a time saver.
ProDiscover needed around three minutes to create a forensic image of a 1GB drive. Importing the image file into the tool was so quick that it was impossible to time. ProDiscover recovered more deleted files than any other program, including some files that had supposedly been wiped using a program from a well-known manufacturer.
ProDiscover found many deleted executables, directory and picture files. The password-protected files were not highlighted, and the investigator would only know their status after double-clicking on the file to open it in the external application. The product also did not detect the presence of
any steganographed files. The picture files merely opened in picture preview.
Since ProDiscover is designed to read an imaged system disk rather than individual files as inputs, we were unable to test it against VMWare disk files to ascertain if it would view the VMWare file as a flat file or a virtual file system.
The installation was as easy as for any offering in this group. The solution installed from a downloaded file (around 100MB), which set up the ProDiscover program as well as ActivePerl for forensic scripting on the system. The licence file was copied to the program directory and the installation was done.
The help file is above average and covers most of the common usage of the product. Reading the first few sections will provide the knowledge to perform basic tasks with the system.
At a price of £12,995, ProDiscover is at the upper end of the price spectrum.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Former Expedia IT employee admits to hacking execs from the inside
- Cyber-insurance: What will you be able to claim for and is it worth it?
- Levelling the playing field against targeted attacks
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime
- IoTSF conference: EU should become de facto regulator