Exterro Inc. announced the release of its upgraded FTK® Connect digital forensic tool that adds powerful new automation, orchestration and integration capabilities to Exterro’s industry-leading platform.
FTK Connect automation enables both corporations to streamline their incident response or breach investigations, and law enforcement and public sector customers to accelerate forensic evidence processing and review in criminal cases. The launch exemplifies Exterro’s ongoing investment in the FTK® product line as it plans a future IPO and underscores the company’s commitment to the digital forensics and incident response market.
In 2021, businesses suffered 50% more cyberattacks per week than the previous year and corporations around the globe expect an increase in attempted breaches. But if their forensic tools are not directly integrated with their cyber intrusion tools they risk being unable to preserve the evidence needed to remediate the attack. FTK Connect supports incident response requirements by combining new automation capabilities with the power and speed of Exterro’s FTK solutions in performing forensic investigations, incident response workflows, and securing corporate assets. Additionally, it allows SIEM and SOAR platforms like Splunk and Palo Alto Networks to be automatically integrated with FTK forensic products to instantly preserve evidence upon detection of an intrusion, with no human interaction needed. It also features a dramatically simplified drag and drop user interface (UI) that is specifically designed to allow non-programmers to easily create automations for any case type.
Public Sector
For public sector agencies, FTK Connect provides a much-needed automation solution that overcomes many challenges they face today. Some of these challenges include case backlogs that exist due to diminished tech budgets, lack of investigator training, and the enormous amounts of data that need to be processed. Essentially, the costs of outfitting a forensic lab with state-of-the-art technology with highly trained examiners are out of reach for most agencies. Thus, forensic evidence examinations become delayed after the imaging of a drive or collection of evidence because they rely on the availability of trained examiners to perform the next steps. Due to these circumstances and budgetary reasons, agencies are more frequently using non-technical reviewers who lack any training in forensics or forensic software, but who need to prepare cases for review by a forensic expert. As a result, investigation close rates continue to lag severely.
Harsh Behl, director of product management at Exterro, said, “By utilizing FTK Connect automation, law enforcement agencies can perform forensic workflows much faster and make better use of their existing hardware and software investments by putting them to use when users aren’t there,” “Scheduling the automation outside office hours utilizes the 16 hours of the day from the time when an investigator leaves work to when they arrive the next morning, which were previously wasted. Law enforcement agencies utilizing FTK® Lab or FTK® Central with FTK Connect will be able to close more cases in less time.
