Evidence Talks introduces Cascade Forensics
The sea-change in the practice of forensic triage brought about by the digital revolution has moved on to a new stage, with the introduction of fully scalable, client-server architecture from Evidence Talks, according to its Chief Technical Officer Andrew Sheldon.
Called Cascade Forensics, the system combines the company’s SPEKTOR triage technology and the ability to drive and control third party forensic tools with policy driven processing logic; a smarter way to move from digital triage to full forensic analysis via automated forensic workflows.
In terms of the benefits available to users, the list is extensive and detailed but fundamentally it accelerates delivery of forensic processing results within a standardised framework and improves efficient use of human and technical resources by automating multiple forensic tools and processes.
“It will be particularly welcomed by users with high volume and high priority investigations to bring to a rapid conclusion”, said Sheldon. “Where there is ‘burst’ demand caused by major incidents or national emergencies, the response from the likes of Law Enforcement and counter-terrorist organisations will be both swift and effective. In specific terms, issues such as the UK’s current 24-hour bail clock will become less of a source of frustration and lengthy trial delays in the system can be significantly reduced”.
A powerful trio of system features drives the scalable and automated workflow which lies at the heart of Cascade Forensics. Processing logic, driven by organisational policy, can be based on criteria such as the number of hash matches, or keyword hits per category, while smart ingestion nodes in groups of six accept and process a broad range of digital devices from USB sticks to computers concurrently. Finally, the intelligent ‘Cascade Server’ controls multiple nodes, scaling up to a maximum of 24, delivering a fully ISO17025 ready solution managing users access, processing policies, workflow logic, reporting, remote access and system administration within a secure and auditable environment.
The system combines a significant volume capacity with increased efficiency, the latter achieved by minimising the number of exhibit handling and processing steps between seizure and review by the investigating officer and a combination of eliminating unnecessary imaging, reducing storage costs and automating the delivery of preliminary results for review.
In terms of integration with existing forensic tools, this will pose no problems either, as Sheldon points out: “The system is what we call product agnostic, triggering actions using third party forensic tools such as Axiom, IEF and Xways etc. System adoption is, therefore, non-disruptive and seamless.
With a full advice, implementation and training package available, Cascade Forensics is expected to be a candidate for early adoption by law enforcement agencies, the military, revenue and customs and government agencies already familiar with digital forensics.