ProDiscover Incident Response
July 11, 2006
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: All the basic forensic tools plus incident response.
- Weaknesses: Requires some experience with tools of this nature to get the full benefit.
- Verdict: Fully functional network-based IT forensics tool with the ability of gathering evidence remotely across a network at an attractive price.
ProDiscover IR is a complete IT forensic tool that can access computers over the network (with agents installed) to enable media analysis, image acquisition and network behaviour analysis.
Other capabilities include the remote analysis of running processes, open files, open ports and services, and other network-based functions. This is an invaluable capability in an incident.
ProDiscover IR is fairly easy to use. Its complexity and granularity mean the user must have some experience of working with a program of this nature, but we quickly found ourselves moving through it with little trouble. The user interface is laid out much like other products in this category, and we could navigate around it with barely any trouble at all.
The product combines features for computer forensics with tools for complete incident response. It features all the basic IT forensic capabilities - full disk imaging, an ability to find hidden data, file metadata information, and hash-keeping, as well as gather data on disks across an entire network. All its features are built into one main interface that is quite task-efficient with all functionality in one place.
The program performed well under our tests. Once we became familiar with the layout of the interface, we found it was a powerful tool - able to fully image both the disk on our forensics test disk and a disk on a computer on our network.
We also found that it was quite efficient, with fast and accurate imaging. Remote agents are very small footprint.
Documentation is well laid-out with clear explanations of all the program features. Technology Pathways offers in-depth support on its website, including how to contact support via phone and email as well as an online forum.
This product is excellent value - comparable products are far more expensive. The features of a fully capable network-based computer forensics tool, along with the ability to gather evidence remotely make it excellent value. We rate this product as our best buy in the computer forensics product class.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry