Investigating with the EnCase App

In digital investigations, EnCase is the go-to tool. As Brian Carrier says in his book File System Forensic Analysis, “there are no official numbers on the topic, but it is generally accepted that EnCase is the most widely used computer investigation software.” [ Carrier, Brian. File System Forensic Analysis. Upper Saddle River, NJ [u.a.: Addison-Wesley, 2011. Print.] EnCase is a valid tool for digital investigations, contributing to its popularity. EnCase is a great tool that recently became even more powerful.

AppCentral is a new feature of EnCase 7. Professionals who have an extra talent in a certain area can develop apps to do specific functions, which other users can then download and use in EnCase 7. EnCase apps was designed to share knowledge within the digital forensics community, as well as make the “good guys” stronger.

This year at the LCDI, we are interested in the testing the capabilities of EnCase Apps. We separated into teams and each looked into various free Apps from EnCase App Central. We are looking to see what these apps do, how well they do it, and how useful we think each app would be in a practical application.

Stay tuned to lcdi.champlain.edu for our EnCase App reviews!

More Research Projects
CyberRange Team: Creating The Perfect Sandbox Environment
The Internet of Things Team: An Inside Look
CyberTech: Creating a Safer Internet Through Education