ProDiscover IR v5.5
May 01, 2009
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: An intuitive interface combined with comprehensive features
- Weaknesses: Support options could still be improved at this price point
- Verdict: This is the tool for your over-the-network forensics needs. We make it our Recommended product this month
A previous favourite in over-the-network forensics returns once again. Technology Pathways' ProDiscover Incident Response (IR) v5.5 offers a clean interface and a strong forensics feature set. It has all the traditional forensic capabilities, but really shines when those features are carried out over the network. Additionally, the tool's integrated ProScript functionality allows investigators to quickly initiate common - or not so common - tasks, easily and efficiently.
Pushing out the tool's remote agent makes deployment as simple as possible. Additionally, this agent can be set to run in stealth mode, to avoid tipping anybody off.
Once deployed, the agent allows for the collection and analysis of numerous types of data. Of course, a full image of the target can also be acquired. It is worth noting that the live analysis now supports capturing RAM in Windows Vista and Server 2008. Another addition is the ability to search via pattern matching wildcards.
The built-in viewers and logical evidence structure make the tool easy to use and we feel that ProDiscover Incident Response is a product well suited for the investigative process.
The manuals that accompany the product are comprehensive and in-depth. Although many of the functions of the tool are self-explanatory, the documentation provides step-by-step instructions for a large number of tasks that can be performed by the tool. Additionally, there is a guide to help users begin to code for the ProScript interface.
Support for ProDiscover Incident Response is still fee-based, and there is no option for a web-based solution. The website houses a forums section, as well as product documentation and downloads.
With a price of £12,995, ProDiscover Incident Response is at the top of the range for software. Despite this, there is no doubt that the product is great value. Any product that can provide as many features as ProDiscover IR in such a logical manner is well worth the price. We make it our Recommended product this month.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime