CSI Tech

One of the key skills of CSITech is forensic data acquisition in both overt and covert situations.

Helix

Helix is a live forensics and incident response CDROM which has received over 600,000 downloads and is used by law enforcement agencies and corporate teams across the globe. CSITech has taught the official Helix course to hundreds of people, enabling them to use Helix effectively and in line with accepted ‘best-practice’ principles. You can download Helix for free from the author's website at www.e-fense.com/helix

H3E

Our sister company, Bright Forensics, is the exclusive UK reseller of Helix 3 Enterprise.

Our flagship incident response, forensics and e-discovery suite must be seen to be believed. Based on the worldwide success of the Helix Live CD, e-fense has created a new product to work at the enterprise level. H3E can respond immediately to threats; image drives; image volatile data, including system RAM; and scan users’ Internet history and documents. Look no further than H3E for your e-discovery needs.

Remote Forensics and Surveillance

Today’s world is increasingly litigious. Companies find themselves in the middle of legal action and must make data available quickly, usually from digital storage. Other cases, including employee misconduct, require a forensic response, including imaging and examination of hard drives. These issues can put pressure on already-taxed IT security teams. Incident response and e-discovery requirements are handled incorrectly, leaving the company open to criticism and legal action.

A cost-effective solution from e-fense now exists for IT security teams. IT can manage its legal responsibilities from a central location using software that ensures forensic integrity of data. Machines in the enterprise can be examined, hard drives imaged for forensic examination and necessary surveillance carried out - from any location around the globe (law allowing).

Intelligent monitoring

This solution revolves around tiny, covert software agents that can be deployed using standard patch management systems. The agent provides a point of contact for the console, which is used by the security team to communicate with each PC or server. The agent allows the console to connect to it using encrypted authentication and provides the operator with the ability to collect volatile evidence, RAM - even the entire drive. The agent can also monitor the computer for anomalous activity, using criteria set by the operator.

E-discovery

Increasing legislation, especially Sarbanes-Oxley in the U.S., is causing problems for companies when e-discovery demands are made upon them. Our solution simplifies the issues by allowing the operator to instruct each deployed agent to search for defined data criteria, and either copy the data to a central store or report its presence.

Although there are of course other solutions in the market that provide some of these elements, H3E is not bound to any specific forensic examination platform and is significantly more cost-effective.





A number of overt computer forensic tools such as H3E and Nuix are available from our partner Bright Forensics Ltd.