AccessData Group, a provider of integrated digital forensics and e-discovery software, has released AD Enterprise 7.3, a new version of its software for managing internal forensic investigations and post-breach analysis that contains first-to-market remote Mac agent deployment.
The new version expands remote data collection capabilities to Mac devices that run on the macOS Catalina and macOS Mojave operating systems.
“Previously, agents always had to be installed manually on a Mac, so with 7.3 we are the first solution to support mass deployment of remote agents, overcoming any need for manual intervention by the end user,” says Harsh Behl, director of product management at AccessData. “Our new version of AD Enterprise offers a simple, easy workflow that is relatable to the investigator, and will allow them to quickly assess what’s on the Mac computer they’re connected to, and pull back the relevant data they need for further analysis and investigation.”
AD Enterprise 7.3 features integration with Jamf, the standard for Apple deployment in the enterprise, and the most common way for users to deploy software to Mac computers. Jamf covertly deploys the AD Enterprise agent and the permissions to endpoints automatically, allowing for mass deployment.
Other new features built into AD Enterprise 7.3 include XFS Linux file system support for parsing Red Hat® Enterprise Linux® (RHEL) environments, and for investigating abnormal or unauthorized activity and processes on an XFS-hosted web server or web application. The 7.3 version will also import AFF4 images and the latest versions of LX01 and E01 images created by the Tableau TX1. This streamlines the user’s workflow and was requested by customers seeking to more easily import data into an AccessData forensics software product from multiple third-party tools.
For more information about the AD Enterprise 7.3 enhancements, please click here.
Later in May, AccessData also expects to announce the launch of enhanced versions of its FTK and AD Lab products for digital forensics professionals. The release will deliver the ability to ingest and review more types of internet and image data. Users can also examine data from multiple mobile phones simultaneously, giving law enforcement the ability to find communication similarities between suspects, helping to speed investigative work.