Custom Development for Autopsy
The Sleuth Kit and Autopsy are premier open source digital forensics platforms that have largely been built by engineers at Basis Technology. Both of these platforms have frameworks that were designed to enable the creation of flexible and extensible systems. The platforms come with a standard set of modules to cover the broadest array of hard drive investigation use cases, but were designed knowing that different organizations have different needs and workflows. Basis Technology’s ground level expertise and development know-how with these platforms enable us to efficiently build modules resulting in a customized solution for your your team’s investigation and frees your engineers for other critical activities.
There are three general types of modules available:
- File Analysis: These modules focus on file content and attributes. Modules in this category flag suspicious files and extract information from files. Custom modules can extract data from rare file formats, apply proprietary detection techniques, and interact with correlation databases.
- Reporting Modules: These modules organize the analysis results into a report. Custom reporting modules can produce output in formats that are required by your organization.
- Graphical Analytics Display Modules: These modules leverage analytics and visualization to improve the efficiency of examinations. Custom modules in this category include timeline visualization of large amounts of events and sorting of graphical images.