Alternatives to Cognitech FiA 64
Compare Cognitech FiA 64 alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Cognitech FiA 64 in 2026. Compare features, ratings, user reviews, pricing, and more from Cognitech FiA 64 competitors and alternatives in order to make an informed decision for your business.
-
1
Magnet AXIOM Cyber
Magnet Forensics
Enterprise organizations large and small use Magnet Forensics’ solutions to close cases quickly with powerful analytics that surface intelligence & insights while also being able to leverage automation and the cloud to reduce downtime and enable remote collaboration at scale. Some of the world’s largest corporations use Magnet Forensics to investigate IP theft, fraud, employee misconduct and incident response cases such as ransomware, business email compromise and phishing attacks. The benefits of hosting your applications in the cloud ranges from cost savings to more centralized operations. Deploy AXIOM Cyber in Azure or AWS to leverage the benefits of cloud computing plus the ability to perform off-network remote collections of Mac, Windows and Linux endpoints. -
2
FTK Forensic Toolkit
Exterro
Zero in on relevant evidence quickly, conduct faster searches and dramatically increase analysis speed with FTK®, the purpose-built solution that interoperates with mobile device and e-discovery technology. Powerful and proven, FTK processes and indexes data upfront, eliminating wasted time waiting for searches to execute. No matter how many different data sources you’re dealing with or the amount of data you have to cull through, FTK gets you there quicker and better than anything else. FTK uses distributed processing and is the only forensics solution to fully leverage multi-thread/multi-core computers. While other forensics tools waste the potential of modern hardware solutions, FTK uses 100 percent of its hardware resources, helping investigators find relevant evidence faster. Since indexing is done up front, filtering and searching are completed more efficiently than with any other solution. -
3
SalvationDATA
SalvationDATA Technology
Digital Forensic Lab Solution from SalvationDATA is the most advanced Lab Solution for numerous industries including Law-Enforcement, IT & Finance Enterprises, and other companies that need Intelligent Work Cooperation. Specifically, with the advanced supporting software like Video Forensics, Mobile Forensics, Data Recovery and Database Forensics, and advanced solid hardware equipment like Intelligent Data Center and Intelligent Forensic Workstation, it’s been applied world-wide among Digital Forensics, eDiscovery, DFIR for law enforcement and intelligence organizations. With the assistance of professional and advanced digital forensic lab solutions, your organization’s circumstances get upgraded effectively and efficiently. -
4
Cognitech Video Investigator
Cognitech
Part of the Tri-Suite64 software package, Video Investigator® 64 is designed to process video files and still images alike, including enhancing CCTV footage. There are a variety of methods that can be used in either scenario, which is what makes Video Investigator® 64 such a powerful video and image enhancement software package. No other software will offer the vast array of filters and features to enhance video and images like Video Investigator offers its users. Get everything other image enhancement software, video deblurring software, and video resolution enhancement software has all in one package and one software with even more features. Video Investigator is the best forensic video enhancement software available. To enhance CCTV footage it is important to be able to select and play the frame sequences that may or may not be connected on a time-line. The Movie Controller provides advanced video playback with audio support allowing the end-user to adjust which frames of video. -
5
Cognitech VideoActive
Cognitech
Part of the Tri-Suite64 software package, VideoActive® 64 is the first Real-Time forensic video processing software. The Cognitech® U.S. Patented software is the world’s only software that has a fully automatic Real-Time Universal De-Multiplexing ability, in addition to Real-Time Track & Cover, lidar crime scene reconstruction and analysis. Real-Time Universal DVR Capture, Patented Lossless Video Capture with encoding that doubles video storage and a Video Search (e.g. cars and people). Cognitech VideoActive’s modular design allows the end-user to choose a pre-defined configuration or user-defined signal processing chain. VideoActive® modules can be easily combined to produce a user-defined processing pipeline from live sources or locally stored files, all in real-time. New software code entirely re-written for 64-bit software architecture improving use of larger size files, such as 4K and 8K video to be opened, played, and saved. -
6
Axon Investigate
Axon
Improper playback software can alter video evidence and impede investigations. Axon Investigate allows you to review footage from more third-party proprietary video formats than any other solution on the market and provides immediate access to original metadata including date, time, image numbers, etc. More than 80% of investigations involve video evidence. Axon Investigate dramatically improves the video investigation process, saving officers up to 10 hours per week by providing simple, fast and repeatable workflows. Manage and organize hundreds of video sources into one project, track activity, tag relevant events, extract available video and create court-ready deliverables in standard, lossless formats. Axon Investigate is built by a team of certified, forensic video analysts and ensures that investigators view original video evidence and share accurate copies ready for court. -
7
Phonexia Voice Inspector
Phonexia
Perform fast and highly accurate language-independent forensic voice analysis using a speaker recognition solution explicitly designed for forensic experts and exclusively powered by state-of-the-art deep neural networks. Analyze the subject’s voice automatically with an advanced speaker identification tool, and support your forensic expert’s conclusion with accurate, unbiased voice analysis. Identify a speaker in the recordings of any language without the need to hire a language-specific linguist as Phonexia Voice Inspector can detect pronunciation differencies in any language. Present the results of your forensic voice analysis to a court in the most convenient way with an automatically generated report containing all the necessary details to validate the claim. Phonexia Voice Inspector is an out-of-the-box solution that provides police forces and forensic experts with a highly accurate speaker recognition tool to support effective criminal investigations and give evidence in court. -
8
Belkasoft Triage
Belkasoft
Belkasoft Triage is a new digital forensic and incident response tool developed specifically for a quick analysis of a live computer and making a partial image of important data. Belkasoft T is designed to assist in situations when an investigator or a first responder is at the scene of incident and needs to quickly identify and obtain specific digital evidence stored on a Windows machine. The product is irreplaceable in situations of time pressure, when there is a need to quickly detect presence of specific data and obtain investigative leads instead of conducting an in-depth analysis of all the digital evidence. -
9
Medex Forensics
Medex Forensics
Unlike any other software, Medex reveals information that is not present in the metadata of a digital video file. With this additional intelligence, investigators are answering new questions about video and identifying additional crimes and perpetrators in previously impossible ways. Medex Forensics provides examiners the newest automated tools for digital video authentication, source detection, and provenance analysis. Medex’s patented approach to examining digital video provides investigators and prosecutors new insight into digital video. Identify a video’s provenance, including origination camera make/model and any editing software or platform. Triage videos from mobile device extractions and expedite actionable intelligence. -
10
Forevid
Forevid
Forevid video analyzer offers options to record screens during forensic analysis of video files. Monitor the complete activity in file format to prevent any alteration of digital evidence during collection and examination. Also, change the “frame rate” of the recording and save it in .avi format. The bookmark option to add information to a specific frame of the input video file for editing resulted in a faster and more efficient investigation. With Forevid forensic video analyzer bookmark the frame as a PDF or copy it to the clipboard to edit with an image editor. Video encoding option to convert video into a compatible format for other video player devices. Select the encoding setting to change the quality of the video while converting it into lossless MP4, MKV FLV, and SFX player (exe) file format.Starting Price: Free -
11
EnCase Forensic
OpenText
The Gold Standard in Forensic Investigations – including Mobile Acquisition. Improve investigation efficiency with the release of optical character recognition (OCR) support that seamlessly extracts embedded text from scanned images, documents and PDFs as part of the evidence collection workflow. 21.2 also expands social media artifact support and includes an enhanced workflow with a new summary view that allows users to cross-reference disparate artifact types, significantly improving evidence processing workflows. OpenText Security (formerly Guidance Software) created the category for digital investigation software with EnCase Forensic in 1998. EnCase has maintained its reputation as the gold standard in criminal investigations and was named the Best Computer Forensic Solution for eight consecutive years by SC Magazine. No other solution offers the same level of functionality, flexibility, and has the track record of court-acceptance as EnCase Forensic. -
12
Amped FIVE
Amped Software
Amped FIVE is the most complete image and video forensics software, acclaimed for its reliability and workflow efficiency. Amped FIVE was designed to answer the need to provide solid, scientific-based forensic image and video enhancement for worldwide legal systems. Image and video analysts worldwide have contributed to the development of the software used today, ensuring all aspects of the investigation process can be completed within a single application. Developed specifically for forensics, public safety, and national security, this all-in-one solution has more than 140 filters and tools, to convert, process, enhance, analyze, present, and document images and videos. It supports any type of image and video data retrieved from various multimedia sources (including audio streams) from CCTV and DVR systems, body-worn cameras, dash cameras, drones, mobile phones, fingerprints, documents, and much more. -
13
Amped Authenticate
Amped Software
Amped Authenticate is the leading forensic software for unveiling the processing history of a digital image. Amped Authenticate provides a suite of powerful tools to determine whether an image is an unaltered original, an original generated by a specific device, or the result of manipulation using a photo editing software, making its admissibility as evidence questionable. Amped Authenticate is used by digital forensic experts and intelligence agencies worldwide. Authenticate is a collection of the most useful, real-world-application authentication filters and techniques identified by image analysts, based on hundreds of scientific papers and studies. These have been built into an easy-to-use, yet amazingly powerful interface to help investigators answer the many questions of authenticity and integrity surrounding today's digital images. -
14
MD-VIDEO AI
GMDSOFT
MD-VIDEO AI is the digital forensic software for recovering video data directly from media storage like a disk, memory card, and damaged video file. Deleted and damaged video frames can be recovered, and enhancement feature supports to improve the quality of the target frame. Moreover, the AI-based video analysis feature enables time-efficient investigation. More than 80 kinds of objects can be detected & recognized. The efficient filtering & sorting options help investigators to easily find the object. MD–DRONE is a forensic software for extracting and analyzing data from the various data sources of UAV/drone from global manufacturers such as DJI, Parrot, and PixHawk. -
15
Belkasoft X
Belkasoft
Belkasoft X Forensic (Belkasoft Evidence Center X) is a flagship tool by Belkasoft for computer, mobile, drone, car, and cloud forensics. It can help you to acquire and analyze a wide range of mobile and computer devices, run various analytical tasks, perform case-wide searches, bookmark artifacts, and create reports. Belkasoft X Forensic acquires, examines, analyzes, and presents digital evidence from major sources—computers, mobile devices, RAM, cars, drones, and cloud services—in a forensically sound manner. If you need to share the case details with your colleagues, use a free-of-charge portable Evidence Reader. Belkasoft X Forensic works out of the box and can be easily integrated into customer workflows. The software interface is so user-friendly that you can start working with your cases right after the Belkasoft X Forensic deployment.Starting Price: $1500 -
16
E3:Universal
Paraben Corporation
Don’t get caught up in tools that are unmanageable. The E3 Platform gets you processing all types of digital evidence quickly with an Easy interface, Efficient engines, and Effective workflow. E3:UNIVERSAL version that is designed to do all data types from hard drive data, smartphones, and IoT data. The need to change around your tool based on what type of digital data you have is a thing of the past. The E3 Forensic Platform seamlessly adds a large variety of evidence into a single interface to be able to search, parse, review and report on the digital data from most digital sources. Computer forensics focuses on bits and bytes of the file system that holds a large variety of different valuable pieces of data that can be the key to your investigation. From the FAT files systems of old to modern file systems like Xboxes, the E3 Forensic Platform works with the powerhouse of multi-tasking analysis engines to breakdown the data.Starting Price: $6,295 -
17
Cyber Triage
Sleuth Kit Labs
Fast & Affordable Forensics for Incident Response. Automated incident response software for fast, comprehensive, and easy intrusion investigations. An alert is generated from IDS or SIEM. An endpoint investigation is started from SOAR manually. Cyber Triage is deployed to the endpoint to collect data. Analyst uses Cyber Triage data to find evidence and make decisions. Manual incident response is slow, leaving the entire organization at the intruder’s mercy. By automating every phase of the endpoint forensics process, Cyber Triage ensures state-of-the-art remediation speed. Cyber threats are constantly evolving, and manual incident response can be inconsistent and incomplete. Always operating on the latest threat intelligence, Cyber Triage scours every relevant corner of a compromised endpoint. Forensic tools are often confusing, with features not needed for intrusions. Cyber Triage’s intuitive interface allows even junior staff to analyze data and assemble reports.Starting Price: $2,500 -
18
ADF Cloud Platform
ADF Solutions
ADF Solutions is the leading provider of digital forensic and media exploitation tools. These tools are used for processing and analyzing Android/iOS smartphones, mobile devices, computers, external drives, drive images, and other media storage (USB flash drives, memory cards, etc.) ADF triage software is all about speed, scalability, ease-of-use, and relevant results. The tools have a proven track record in reducing forensic backlogs, streamlining digital investigations and rapid access to digital evidence and intelligence. Our customers include federal, state and local law enforcement agencies, military and defense agencies, Office of Inspector General offices, Attorneys General, prosecutors, and other investigative professionals worldwide.Starting Price: $35000 -
19
Passware Kit
Passware
Passware Kit Forensic is the complete encrypted electronic evidence discovery solution that reports and decrypts all password-protected items on a computer. The software recognizes 340+ file types and works in batch mode recovering passwords. Analyzes live memory images and hibernation files and extracts encryption keys for hard disks and passwords for Windows & Mac accounts. Passware Bootable Memory Imager acquires memory of Windows, Linux, and Mac computers. Resolved navigation issues after stopping the password recovery process. Instant decryption of the latest VeraCrypt versions via memory analysis. Accelerated password recovery with multiple computers, NVIDIA and AMD GPUs, and Rainbow Tables. In addition to all the key features of a Windows version, Passware Kit Forensic for Mac provides access to APFS disks from Mac computers with Apple T2 chip.Starting Price: $1,195 one-time payment -
20
MotionDSP
MotionDSP
Identify faces, license plates, and unclear content from grainy or poor quality video footage. Create compelling evidence artifacts or video clips using our Forensic video enhancement application. Protect the identity of the innocent, comply with FOIA regulations, and highlight relevant visuals with our Spotlight video and audio redaction application. The MotionDSP product line includes industry leading tools for advanced image processing and computer vision software for public safety, security, government, and defense applications. Since initial product launch over 12 years ago, we have helped customers extract critical information from video across a wide variety of industries including law enforcement, military, oil and gas, forestry, inspection services, energy, transportation, and more, including: the US Secret Service, Scotland Yard, NCIS and many other agencies around the world. -
21
Binalyze AIR
Binalyze
Binalyze AIR is a market-leading Digital Forensics and Incident Response platform that allows enterprise and MSSP security operations teams to collect full forensic evidence at speed and scale. Our incident response investigation capabilities such as triage, timeline and remote shell help to close down DFIR investigations in record time. -
22
Falcon Forensics
CrowdStrike
Falcon Forensics offers comprehensive data collection while performing triage analysis during an investigation. Forensic security often entails lengthy searches with numerous tools. Simplify your collection and analysis to one solution to speed triage. Incident responders can respond faster to investigations, conduct compromise assessments along with threat hunting and monitoring with Falcon Forensics. Pre-built dashboards, easy search, and view data capabilities empower analysts to search vast amounts of data, including historical artifacts, quickly. Falcon Forensics automates data collection and provides detailed information around an incident. Responders can tap into full threat context without lengthy queries or full disk image collections. Provides incident responders a single solution to analyze large quantities of data both historically and in real-time to uncover vital information to triage an incident. -
23
ProDiscover
ProDiscover
ProDiscover forensics suite addresses a wide range of cybercrime scenarios encountered by law enforcement and corporate internal security investigators. ProDiscover is widely used in Computer Forensics and Incident Response. The product suite is also equipped with diagnostic and evidence collection tools for corporate policy compliance investigations and electronic discovery. ProDiscover helps in efficiently uncovering files and data of interest. Wizards, dashboards and timeline views help in speedily discovering vital information. Investigators are provided with a wide range of tools and integrated viewers to explore the evidence disks and extract artifacts relevant to the investigation. ProDiscover combines speed and accuracy, with ease of use and is available at an affordable price. Launched in 2001, ProDiscover has a rich history. It was one of the first products to support remote forensic capabilities. -
24
Belkasoft Remote Acquisition
Belkasoft
Belkasoft Remote Acquisition (Belkasoft R) is a new digital forensic and incident response tool developed specifically for remote extraction of hard and removable drives, RAM, connected mobile devices, and even specific types of data. Belkasoft R will be useful in cases when an incident response analyst or a digital forensic investigator needs to gather evidence quickly and the devices in question are situated in geographically distributed locations. With Belkasoft R, there is no longer need to interrupt an employees' daily routine or draw excessive attention to your investigation. Belkasoft R saves your time and money doing a forensically sound remote acquisitions: no more excessive costs and extra time for travels. No more geographical challenges and expensive trips. No need in having trained specialists in all locations of your organization’s offices. -
25
Xplico
Xplico
Xplico is installed in the major distributions of digital forensics and penetration testing: Kali Linix, BackTrack, DEFT, Security Onion, Matriux, BackBox, CERT Forensics Tools, Pentoo and CERT-Toolkit. Xplico allows concurrent access by multiple users. Any user can manage one or more Cases. The UI is a Web User Interface and its backend DB can be SQLite, MySQL or PostgreSQL. Xplico can be used as a Cloud Network Forensic Analysis Tool. The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). At each data reassembled by Xplico is associated a XML file that uniquely identifies the flows and the pcap containing the data reassembled. -
26
4n6 Outlook Forensics Wizard
4n6Soft
4n6 Outlook Forensics Wizard is the most reliable, fast and easy-to-use software to open and analyze Outlook email data files. Forensics Investigator is this application developed specifically to collect evidence from Outlook data files. This advanced Outlook Forensics Software provides detailed preview of Outlook data files in various modes. You can easily use this software without facing any type of problem. The app also offers several premium benefits: 1. Allows to open, view, and analyze unlimited Outlook Data Files. 2. No need to install Outlook application to analyze email data. 3. Outlook Forensics Wizard is complete free from any type of risk. 4. Supports all the versions of Outlook including Outlook 2019. 5. Analyze Outlook email data in multiple modes to deeply analyze.Starting Price: $49 -
27
LLIMAGER
e-Forensics Inc
LLIMAGER was designed to address the need for a low-cost, no-frills “live” forensic imaging solution for Mac computers, capable of capturing the entirety of a synthesized disk, including volume unallocated space, as macOS sees the disk with its partitions mounted. The application was developed to be user-friendly and easy enough for entry level digital forensics examiners. The application leverages built-in Mac utilities, providing a versatile solution compatible with a wide range of macOS versions, both past and present. This ensures that the tool remains functional across diverse system configurations and updates. FEATURES INCLUDE: Powerful and Fast "Live" imaging, CLI based Application Supports Intel, Apple Silicon, T2 Chips, and APFS File Systems. Full Acquisition Log SHA-256 or MD5 Hashed DMG Images Choice of Encrypted /Decrypted DMGs for use in commercial forensics tools Unlimited Technical SupportStarting Price: $425 -
28
OSForensics
PassMark Software
Extract forensic data from computers, quicker and easier than ever. Uncover everything hidden inside a PC. Discover relevant data faster through high performance file searching and indexing. Extract passwords, decrypt files and recover deleted files quickly and automatically from Windows, Mac and Linux file systems. Identify evidence and suspicious activity through our hash matching and drive signature analysis features. Identify and analyze all files and even automatically create a timeline of all user activity. 360° Case Management Solution. Manage your entire digital investigation with OSF’s new reporting features. Build custom reports, add narratives and even attach your other tools’ reports to the OSF report. Volatility Workbench is a graphical user interface (GUI) for the Volatility tool. OSForensics courses offered to suit a diverse range of users and skill sets. Write an image concurrently to multiple USB Flash Drives.Starting Price: $799 per user per year -
29
Quin-C
AccessData
AccessData® is reimagining digital forensics and legal review to help you uncover critical evidence faster, make more meaningful connections across data and build stronger cases. With Quin-C™, a pioneering technology from AccessData, you can empower forensic & legal teams at every skill level to conduct and close more accurate, advanced investigations faster than ever before. Quin-C works seamlessly with the AccessData solutions you already know and trust, to give you maximum control over the way you collect, process, review, analyze and report on key pieces of data. Feature-rich and easy to use, Quin-C delivers groundbreaking technology to maximize the output of investigative, forensic, IT and legal teams alike. In combination with AccessData core products, Quin-C is the fastest, most scalable solution on the market today. Quin-C dramatically improves efficiency and throughput with next-generation features that guide current and future investigations. -
30
XRY
MSAB
XRY by MSAB is a mobile-device forensics extraction solution that enables investigators to securely and efficiently access, extract, and preserve digital evidence from smartphones, tablets, and other mobile devices. It supports a wide and growing range of devices, unlock and bypass features (including passcode bypass and chip-level support for difficult devices), full decoding of app data (such as WhatsApp, Facebook, Instagram, Viber), browser history (Safari, Chrome, Opera), and location/timeline correlation across sources. It is built with full chain-of-custody and evidential integrity in mind, including a secure XRY forensic file format with encryption and auditing, while offering access both at the frontline (scene) and in the lab. XRY includes variants such as Logical (fast, live data), Physical (raw memory dumps, deleted data recovery), Cloud (cloud-/app-based data), and Pro (deepest device and exploit access). -
31
Change Auditor
Quest Software
Change reporting and access logging for Active Directory (AD) and enterprise applications is cumbersome, time-consuming and, in some cases, impossible using native IT auditing tools. This often results in data breaches and insider threats that can go undetected without protections in place. Fortunately, there's Change Auditor. With Change Auditor, you get complete, real-time IT auditing, in-depth forensics and security threat monitoring on all key configuration, user and administrator changes for Microsoft Active Directory, Azure AD, Exchange, Office 365, file servers and more. Change Auditor also tracks detailed user activity for logons, authentications and other key services across enterprises to enhance threat detection and security monitoring. A central console eliminates the need and complexity for multiple IT audit solutions. -
32
Videoma Intelion
ISID
Videoma Intelion is an Video and Audio analyzer for law enforcement and intelligence agencies that reduces investigation times to a fraction of the usual by automating the tasks of reviewing and documenting video and audio generated in surveillance, recordings or social media analysis operations. It can work either as a forensic video analysis tool, after the fact, or in ongoing investigations. Intelion is a Law Enforcement software that integrates with any VMS and processes video files, live surveillance cameras, live TV and radio broadcasts or content from online platforms massively in an unattended manner. It applies advanced, AI-based analyzers to automatically classify all that information and locate targets in near real-time. Some features: Face Biometry Object recognition Speaker ID Audio Fingerprint Speech to Text Automatic TranslationStarting Price: $300,000 -
33
4n6 DBX Forensics Wizard
4n6Soft
4n6 DBX Forensics Software helps investigators to analyze and examine DBX files without Outlook Express in detail. With DBX File Forensics Software, you can extract DBX data to several popular file formats and email services. The software provides DBX file preview in 4 different modes: Content, Attributes, Message Headers, and Hexadecimal View Attributes. To explore DBX files with the software GUI, the software provides two modules: Folder Selection and File Selection. Select File allows you to search only a single file, while Select Folder allows you to search a folder containing multiple DBX files. This DBX Forensics Software can save evidence of DBX files to multiple destinations like email files (DBX files can be preserved as PST files EML files and MBOX files), document files (DBX files can be preserved as PDF, HTML text and emails). It helps in extracting and preserving.Starting Price: $49 -
34
Autopsy
Basis Technology
Autopsy® is the premier end-to-end open source digital forensics platform. Built by Basis Technology with the core features you expect in commercial forensic tools, Autopsy is a fast, thorough, and efficient hard drive investigation solution that evolves with your needs. Tens of thousands of law enforcement and corporate cyber investigators around the world use Autopsy. Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. Everyone wants results yesterday. Autopsy runs background tasks in parallel using multiple cores and provides results to you as soon as they are found. It may take hours to fully search the drive, but you will know in minutes if your keywords were found in the user's home folder. See the fast results page for more details. -
35
GetReal
GetReal
GetReal Security offers advanced, enterprise-grade content verification solutions to prevent deepfakes and impersonation attacks in real time across audio and video streams, as well as collaboration platforms. GetReal's multi-dimensional, layered defense approach includes content credentials analysis, pixel analysis, physical analysis, provenance analysis, semantic analysis, human signals analysis, biometric analysis, behavioral analysis, and environmental analysis to ensure comprehensive protection. Designed for seamless integration into existing collaboration and cybersecurity workflows, GetReal Security helps organizations maintain trust in digital communications by verifying the authenticity, origin, and integrity of content, effectively addressing the challenges posed by AI-generated deception and malicious digital media. -
36
X-Ways Forensics
X-Ways
X-Ways Forensics is an advanced work environment for computer forensic examiners and our flagship product. Runs under Windows XP/2003/Vista/2008/7/8/8.1/2012/10/2016, 32 Bit/64 Bit, standard/PE/FE. (Windows FE is described here, here and here.) Compared to its competitors, X-Ways Forensics is more efficient to use after a while, by far not as resource-hungry, often runs much faster, finds deleted files and search hits that the competitors will miss, offers many features that the others lack, as a German product is potentially more trustworthy, comes at a fraction of the cost, does not have any ridiculous hardware requirements, does not depend on setting up a complex database, etc.! X-Ways Forensics is fully portable and runs off a USB stick on any given Windows system without installation if you want. Downloads and installs within seconds (just a few MB in size, not GB). X-Ways Forensics is based on the WinHex hex and disk editor and part of an efficient workflow model.Starting Price: $18,589 -
37
AD Enterprise
AccessData
Today’s digital forensics teams face many challenges in a world filled with an overwhelming amount of data. From multiple office locations, to massive employee pools and remote workers, AD Enterprise provides deep visibility into live data directly at the endpoint, helping you conduct faster, more targeted enterprise-wide post-breach, HR and compliance investigations in a single, robust solution. With AD Enterprise, you can respond quickly, remotely and covertly while maintaining chain of custody, and facilitate focused forensic investigations and post-breach analysis, without interruption to business operations. Preview live data at the endpoint, then filter on any attributes and choose to retrieve only the data that matters to your investigation, saving time and cost. Perform collections from endpoints in multiple locations by deploying our remote Enterprise Agent to a broad range of operating systems, including Windows, Mac, Linux and more. -
38
CyFIR Investigator
CyFIR
CyFIR digital security and forensic analysis solutions provide unparalleled endpoint visibility, scalability, and speed to resolution. Cyber resilient organizations suffer little to no damage in the event of a breach. CyFIR cyber risk solutions identify, analyze, and resolve active or potential threats 31x faster than traditional EDR tools. We live in a post-breach world where data breaches are more frequent and more aggressive in their capacity to do harm. Attack surfaces are expanding beyond the walls of an organization to encompass thousands of connected devices and computer endpoints located throughout remote facilities, cloud and SaaS providers, controlled foreign assets, and other locations. -
39
CloudNine
CloudNine Discovery
CloudNine is a cloud-based eDiscovery automation platform that streamlines the litigation discovery, audits, and investigations by allowing users to review, upload, and create documents in a central location. With its comprehensive suite of professional services that include discovery consulting, computer forensics, managed review, online hosting, information, governance, litigation support, and project management, CloudNine dramatically reduces the overall costs of eDiscovery processing. Law firms and corporations can save time and money by consolidating all of their data collection, processing, and review requirements by leveraging CloudNine’s self-service eDiscovery software.Starting Price: $35.00/month -
40
Forensic Email Collector
Metaspike
Expertly preserve email evidence without breaking a sweat. Get plug & play output for digital forensic investigations and eDiscovery. We all run into cases where collecting a mailbox as a whole is not an option, often due to privacy or timeframe concerns. On the other hand, eDiscovery and digital forensics workflows often involve a full collection, followed by post-acquisition searches. Forensic Email Collector solves this problem in a creative way. You can perform instant in-place searches on mailboxes on the server before the acquisition and forensically preserve only the search results. No need to create labels, tag documents, or make any changes to the target mailbox. Files attached to emails as hyperlinks to a cloud storage system can throw a monkey wrench into your forensic preservation. The linked attachments often require authentication and are inaccessible unless handled as part of the initial acquisition.Starting Price: $499 one-time payment -
41
Magnet AXIOM
Magnet Forensics
Recover & analyze your evidence in one case. Examine digital evidence from mobile, cloud, computer, and vehicle sources, alongside third-party extractions all in one case file. Use powerful and intuitive analytical tools to automatically surface case-relevant evidence quickly. Recover, analyze, and report on data from mobile, computer, cloud, and vehicle sources in one case file with Magnet Axiom. Easily recover deleted data and analyze digital evidence from mobile, computer, cloud, and vehicle sources in one case file, with an artifact-first approach. Discover the full history of a file or artifact to build your case and prove intent. Magnet Axiom provides the most up-to-date artifact support for the most recent devices and sources. Acquire and analyze mobile, cloud, and computer evidence together in one case. Process warrant returns from providers such as Google, Facebook, and Instagram. -
42
Chainkit
Chainkit
Go beyond static File Integrity Monitoring (FIM). Automate integrity in motion and at rest—in real-time. With eXtended Integrity Monitoring (XIM) from Chainkit. Chainkit detects threats faster and in real-time, which in turn reduces the amount of time that undetected attacks linger in your data. Chainkit dramatically increases the visibility of attacks within your data. It detects anti-forensic tampering techniques that attackers use to evade detection. Chainkit seeks out malware hidden within your data and provides full transparency on tampered logs. Chainkit preserves the integrity of artifacts required by forensic investigators. Chainkit enhances attestation for ISO, NIST and related log or audit trail compliance requirements. Chainkit can help you reach and maintain compliance for all security compliance regulations. We provide customers with a more comprehensive audit-readiness posture.Starting Price: $50 per month -
43
Parrot OS
Parrot Security
Parrot is a worldwide community of developers and security specialists that work together to build a shared framework of tools to make their job easier, standardized and more reliable and secure. Parrot OS, the flagship product of Parrot Security is a GNU/Linux distribution based on Debian and designed with Security and Privacy in mind. It includes a full portable laboratory for all kinds of cyber security operations, from pentesting to digital forensics and reverse engineering, but it also includes everything needed to develop your own software or keep your data secure. Always updated, frequently released with many hardening and sandboxing options available. Everything is under your complete control. Feel free to get the system, share with anyone, read the source code and change it as you want! this system is made to respect your freedom, and it ever will be. -
44
Velociraptor
Rapid7
At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision. Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat-hunting needs. It was developed by Digital Forensic and Incident Response (DFIR) professionals who needed a powerful and efficient way to hunt for specific artifacts and monitor activities across fleets of endpoints. Velociraptor provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches. -
45
MetaImage
Microception
MetaImage is a digital image evidence manager that enables agencies to manage images from multiple systems and devices in a single location. With MetaImage you can verify the authenticity of your images, create proof sheets for court, and securely share your images with prosecutors and other team members. MetaImage fully integrates with MetaCase. This means that you can store all of your evidentiary images, interviews, and case-management data in a single electronic case folder. MetaImage allows you to securely store images on your MetaCase server; maintaining ownership of your data while saving tens of thousands of dollars a year over single-purpose or cloud-based systems. Consolidate images from multiple systems in one place. Authenticate images and create proof sheets for court. Easily share images with prosecutors or other team members. Allow technicians to upload images to case folders without being able to view the other contents of the file. -
46
Quest IT Security Search
Quest
Seeing the un-seeable can be a challenge for IT. With billions of events to collect and review from a variety of sources, both on premises and in the cloud, it’s difficult to find relevant data and make sense of it. And in the event of a security breach, either internal or external, the ability to locate where the breach originated and what was accessed can make a world of difference. IT Security Search is a Google-like, IT search engine that enables IT administrators and security teams to quickly respond to security incidents and analyze event forensics. The tool’s web-based interface correlates disparate IT data from many Quest security and compliance solutions into a single console and makes it easier than ever to reduce the complexity of searching, analyzing and maintaining critical IT data scattered across information silos. Configure role-based access, enabling auditors, help desk staff, IT managers and other stakeholders to get exactly the reports they need and nothing more. -
47
WebPreserver
WebPreserver
See it, capture it. Instantly preserve web pages and social media profiles using our Chrome plug-in. Captured content is immediately preserved as forensically-defensible evidence, right on your computer. Save time and expand your collections. WebPreserver’s expands long collapsed posts, comment threads, and replies, ensuring hidden content is captured without you having to manually expand these sections. Generate defensible evidence in seconds. Easily export collected evidence in OCR PDF, MHTML, or WARC. The OCR PDF and MHTML file formats provide the full context of content and are completely searchable. Modern life is digital. As online interactions increase, so does the need for website and social media evidence collections. Manually capturing web page or social media evidence is unreliable and time-consuming. Authenticating social media evidence can be a challenge without the right tools at your disposal. -
48
Cado
Cado Security
Investigate all escalated alerts with unparalleled speed & depth. Revolutionize how Security Operations and Incident Response teams investigate cyber attacks. In today's complex and evolving hybrid world, you need an investigation platform you can trust to deliver answers. Cado Security empowers teams with unrivaled data acquisition, extensive context, and unparalleled speed. The Cado Platform provides automated, in-depth data so teams no longer need to scramble to find the critical information that they need, enabling faster resolutions and more effective teamwork. With ephemeral data, once the data is gone, it's gone. Act in real-time. The Cado Platform is the only tool with the ability to perform automated full forensic captures as well as utilize instant triage collection methods - native acquisition of cloud-based resources including containers, as well as SaaS applications and on-premise endpoints. -
49
Pagefreezer
Pagefreezer Software
Pagefreezer’s software solutions help organizations with the monitoring, capturing, and archiving of online data. By doing this, our tools help address the following critical business challenges. Use your archived online data as official evidence towards a regulatory audit or legal case. Exports from our website archiving service offer all associated metadata, digital signatures, and timestamps that validate the authenticity and integrity of your records, proving that it hasn’t been tampered with. Archive social media and never miss an edited post or deleted comment. Our social media and enterprise collaboration archiving solutions actively monitor and collect your data in real-time to help you keep track of the conversation and capture all activity on your platforms. Get alerted whenever inappropriate content is posted and capture it in defensible quality before it’s deleted. -
50
SmartEvent
Check Point Software Technologies
SmartEvent event management provides full threat visibility with a single view into security risks. Take control and command the security event through real-time forensic and event investigation, compliance, and reporting. Respond to security incidents immediately and gain network true insights. SmartEvent provides a single view into security risks. Take control and understand your security status and trends. Respond to security incidents immediately and gain network true insights. Always the latest security management keeps you automatically up-to-date. On-demand expansion to seamlessly onboard more gateways. Zero maintenance makes your environments more secure, manageable and compliant.
