Custom Solutions for Digital Forensics
For agencies and labs whose requirements are not met by commercial off-the-shelf digital forensics tools, Basis Technology can build a system that meets your specific needs. Our team of digital forensics engineers has extensive experience building applications to improve investigation accuracy and efficiency, including:
- Distributed systems that analyze hard drive data in parallel on a cluster of computers to obtain quick results
- Graphical interface applications concentrated on the workflow of a specific group, enabling a more focused interface and decreased training time
- Parsers for physical memory dumps from mobile devices, acquired by JTAG or chip removal, that are not supported by other tools
- Modules for The Sleuth Kit Framework and Autopsy 3
By continuously evolving our digital forensics software frameworks and leveraging the experience of our digital forensics examiners, Basis Technology’s engineers quickly adapt to our customers’ unique requirements and build extensible and scalable software solutions for today’s changing digital forensics landscape and customers.
Tackling Large-Scale Data with Automation
As hard drives become larger, storage space becomes more commoditized and inexpensive. The adoption of computer-like devices (smart phones, iPods, etc.) continues to grow each year, and automation is required to obtain fast, efficient, and timely results. Basis Technology incorporates automation in our custom development efforts in several ways:
- Automate Repeatable Tasks: Batch processing systems are given a hard drive image and automatically perform standard and tedious tasks on it. The investigator is notified when the processing is complete, which allows her to focus on analyzing results from other drives.
- Knowledge Management: Shared modules automatically store the activities and knowledge of a lab’s investigators. As they analyze subsequent cases, investigators become more efficient and know where to find evidence. Without this effective form of knowledge management in place, new investigators may miss evidence, and critical knowledge is lost if investigators leave the team. The collective knowledge of a lab’s investigators automatically stored in a shared system enables efficient analysis of all case media by any investigator on the team.
- Focus on User Experience: Graphical interfaces assume that most investigations in a given lab start with the same basic steps. The tools remember the previous settings, which reduces error.
Leverage Existing Open Source Frameworks
As part of our custom development work, we have implemented frameworks consisting of reusable building blocks that we compose to create extensible end-to-end systems. These frameworks have been released as open source software, as an evolution of The Sleuth Kit Framework and Autopsy 3 platforms, in an effort to build critical mass to benefit the industry around open frameworks for digital forensics and to eliminate stovepipe solutions.
We have built many modules with advanced features, including text analytics from our Rosette platform, correlation among multiple drives, and video triage. See our Module Development page for more details on custom modules for these frameworks.