Network Investigation and Incident Response
AD Enterprise supports the requirements of law enforcement, private sector and forensic practitioners everywhere with a battle-tested solution. Built on our proven digital forensics processing engine, Forensic Toolkit (FTK®), AD Enterprise is the solution of choice for more than 2000 global clients. Enforce compliance and remediate damage by scanning thousands of endpoints for unapproved processes, and where applicable, kill specific processes and initiate batch remediation on either a single machine or multiple endpoints across an organization’s entire infrastructure.
An intuitive incident response console, secure batch remediation, unsurpassed searching and filtering, and comprehensive logging and reporting are just a few of the reasons AD Enterprise is the investigative tool of choice for data breach and IT security investigators around the globe.
The ability to forensically analyze multiple computers across your enterprise simultaneously is critical when performing root cause analysis and internal investigations. Furthermore, proactive use of this technology allows you to detect threats that have circumvented the typical signature-based tools, such as antivirus, intrusion detection and other alerting systems.
The depth, breadth and ease-of-use of the forensic/investigative features of AD Enterprise enable IT security staff and investigators to harness the power of a database-powered analysis engine for more efficient, effective and sound investigations. The external consulting costs, state and federal regulatory risks and disruptions to day-to-day operations associated with the traditional methods of forensic-level investigations, e-discovery and incident response can handicap corporations of any size without the proper solutions and training.
Facilitate Regulatory Compliance and E-Discovery
Visibility into desktops, laptops, peripheral devices and network shares allows organizations to maintain compliance with regulations, such as Sarbanes-Oxley, PCI requirements, HIPAA, FISMA, and internal policies. AD Enterprise can also augment and support your e-discovery and FOIA activity by identifying and forensically preserving data from target endpoints.
Detect and Covertly Investigate Data Theft, Fraud and Other Employee Misconduct
AD Enterprise gives you visibility into all activity on your endpoints, network shares and peripheral devices. Investigative tasks can be performed whether suspect employees are logged into your network or not, whether they are online or not, and information will be sent back to you every time they go online.
Detect, Analyze and Remediate Malware, Advanced Persistent Threats and Zero-Day Events
Proactively or reactively scan thousands of endpoints to identify rogue processes (even those that are hidden) and anomalous activity. Analyze the compromise to understand how it operates, conduct a network-wide compromise assessment to identify all affected nodes AND remediate all compromised computers from a central location. Zero-day exploits may proliferate a bot throughout an enterprise that launches rogue SMTP processes on affected systems. With AD Enterprise, quickly determine which systems, devices and applications have been affected and prioritize remediation.
Automated Malware Triage and Analysis
Available as an option to AD Enterprise, Cerberus is one tool in your malware arsenal and helps you identify potentially malicious files. It’s the first layer of defense against the risk of imaging unknown devices and allows you to identify risky files after processing your data in AD Enterprise. Then you can see which files are potentially infected and you can avoid exporting them. With Cerberus you’ll receive actionable intelligence without having to wait for the malware team to perform deeper, more time-consuming analysis.