Published on 22 January, 2014
D3 Security, the award-winning incident reporting and case management software provider, recently announced the introduction of a comprehensive web-based software solution designed for IT forensics investigators.
D3 IT Forensics Case Management manages the entire investigations process as it relates to mobile devices and computers: from the seizure and acquisition of data, to facilitating secure collaboration and analysis, and finally, analytical reporting. The solution provides case requestors with much-needed transparency into the case process, and gives investigators an invaluable task-management tool for tracking and reporting across all of the standard data retrieval and processing tasks associated with each custodian in a case.
The D3 forensics suite consists of four major components: Web Intake; Case Management; Evidence Tracking; Transparency Reporting – all of which support the expanding needs of computer forensic investigators, computer security and litigation support professionals. The D3 forensics suite is currently in use, including by a top 5 global energy company.
“Our IT Forensics solution allows investigators to acquire data, manage the case, track the physical evidence and analyse digital evidence to such an extent that it can be presented in a court of law,” said Gordon Benoit, President of D3 Security.
Incident to resolution in four steps
With D3’s Web Intake component, case requesters can quickly and easily specify the parameters of a case request, including the ability to quickly upload a list of hundreds of custodians through a tailored web-form. Case requesters are not locked into a template, but can specify keyword requirements and any non-standard data sources, in addition to the standard minimum package of Hard Drive, Network Drive, and Email.
Requestors can then view progress on their case via a summary report, which is automatically distributed on a nightly basis to individuals authorised to access this data. The Web Intake portal can be integrated with active directory, and/or asset management systems, to easily populate a request with pertinent information on individuals and data-sources.
The Case Management interface of the suite focuses on managing the hundreds of tasks that can be associated with an IT Forensics case, including any due dates stipulated by an internal SLA (Service Level Agreement). These tasks are color-coded based on their due-date for at-a-glance prioritisation. Email reminders can also be generated when a task becomes overdue.
The D3 case management feature tracks key details for each data source, such as: Date/Time of Data Retrieval; Quantity of Data Retrieved; Date/Time of Data Processing, and Quantity of Data Processed.
The Evidence Tracking component provides a simple, effective mechanism for D3 customers to track the physical evidence associated with a case, including tag number barcoding of hard drives, and chain of custody tracking for each exhibit.
The final component of the D3 IT Forensics Case Management suite is a powerful Transparency Reporting analysis tool that can generate reports from any field in the system. The feature empowers users to create ad-hoc analysis, and combine reports into executive style dashboards. Nightly reports can be used to identify trends, quantify the completion of tasks and monitor the status of open cases or compile detailed digital evidence that can be used in a court of law. This reduces the high volume of emails that request case status; investigators can instead focus their time on progressing their cases, leaving the D3 system to produce and distribute status updates.
The D3 IT Forensics Case Management suite is completely web-based and available as Software-as-a-Service (cloud) or as an enterprise application.