Forensics, Intelligence and Security Case Studies
The Smart Choice for Text Retrieval® since 1991
4 out of 5 of the Fortune 500’s largest Aerospace and Defense companies use dtSearch
3 out of 4 of the “Big 4” accounting firms are dtSearch customers (often in connection with legal and forensics consulting work)
Features of Special Interest to Forensics Users
|
|
|
|
Relativity Trace offers out-of-the-box surveillance policies "leveraging
the searching capabilities of dtSearch."
From press release: "The goal of the surveillance policies is to allow customers to monitor their organization's communications for compliance purposes and generate alerts right away, bringing an industry baseline for what risk looks like, and taking the manual creation of rules out of the equation. A critical part of Relativity Trace are the rules and the alerts that they generate to detect suspicious activity as it happens and before it escalates." "The surveillance policies leverage the searching capabilities of dtSearch, making the terms underneath each policy to be more complex than a single keyword. This reduces false positives and increases review efficiency for compliance teams across all industries." Learn More about the Relativity Platform as a Whole |
|
|
|
|
HYENA eAudit offers a SaaS solution for internal audits and compliance risk diagnostics embedding dtSearch document filters and search.
HM Company is a premium provider of auditing and compliance risk diagnosis services in South Korea. The company has now developed a platform leveraging its many years of expertise. HM Company's HYENA eAudit is a SaaS-hosted, web-based review solution for internal audits and compliance risk diagnostics across a wide variety of information formats."We were very pleased with the dtSearch Engine's high speed of indexing and searching. We were also impressed by the wide variety of file types the dtSearch Engine's document filters support." Learn More |
|
|
|
|
USA Software adds dtSearch Web to police records management system (RMS).
USA Software provides software solutions for law enforcement agencies to manage information and improve communications. USA Software integrated dtSearch Web into their browser-based USA Mobile Dashboard, resulting in convenient browser-based search access for law enforcement across the full-text of the police RMS. "dtSearch Web was an already-proven solution. Adding dtSearch Web to our USA Mobile Dashboard was a quick and easy solution for the police department and their Criminal Investigations Division." Learn More |
|
|
|
|
Tic Tac uses dtSearch to search through terabytes of forensically-retrieved
data.
Located in Israel, Tic Tac Technologies specializes in data recovery, including forensic data recovery services. Clients include major defense industry organizations, police and law enforcement agencies, all Israeli universities and hospitals, and most major tech companies in Israel. “At Tic Tac, we’ve used dtSearch technology for years in the most complex and sensitive computers forensic investigations. During that time, we’ve processed more than a petabyte of emails and documents for e-discovery, leaving our customers fully satisfied with the results of dtSearch.” Learn More |
|
|
|
|
OSINT includes dtSearch in “toolbox.”
From the Open Source Intelligence (OSINT) Tradecraft for Incident Response – Computer Threat Intelligence tutorial delivered at FIRST Cyber Threat Intelligence Symposium London (UK): dtSearch offers "excellent data cataloging ... The tool is perfect for purposes of record keeping and searchable catalogues." Learn More |
|
|
|
|
GetData debuts Forensic Explorer embedding dtSearch.
GetData Forensics has released its computer forensics analysis software, Forensic Explorer. From Law Technology News , which also made Forensic Explorer its “product of the week”: “GetData's new offering supports data recovery and file carving, which is a process to extract data out of undifferentiated blocks or raw data.” Among many other features, Forensic Explorer supports more than 300 file types, analyzes common forensic image formats, and works with multiple file systems. “dtSearch full-text searching across files, emails, etc., ensure that, if there is a ‘smoking gun,’ our users will find it.” Learn More |
|
|
|
|
Boldon James Email Classifier & Office Classifier embeds dtSearch
for advanced security classification.
Boldon James helps organizations with the most demanding communication requirements manage sensitive information securely and in compliance with legislation and standards. Boldon James Email Classifier & Office Classifier captures the user’s understanding of the value and business context of the information they handle, raising security awareness, providing handling guidance and applying control over information exchange. “dtSearch provides Boldon James Email Classifier & Office Classifier with advanced and predictable content searching to aid users in the task of information classification.” Learn More |
|
|
|
|
DeviceLock integrates dtSearch into endpoint device control and security
management platform.
DeviceLock endpoint leakage prevention software enables security administrators to centrally control, log and audit end-user access to peripheral devices and local ports from enterprise systemsNative integration with Microsoft Active Directory® results in easy deployment and administration. “After conducting a thorough comparison among a dozen full-text search products available on the market today, we chose dtSearch because of its unbeatable speed and wide range of covered data sources, including files of all popular types stored as SQL database BLOBsdtSearch also offered an incredible functional set, enabling easy analysis of the silos of unstructured log and shadow data in the DeviceLock central databaseThe end result lets DeviceLock reliably detect and quickly retrieve any data related to security policy violations.” Learn More |
|
|
|
|
IntaForensics’ Lima Case Management System embeds dtSearch for
instant searching across forensics case materials.
IntaForensics is a leading provider of digital forensics services and software in the UK. In addition to operating in the private sector, the company is currently a main contractor for a number of UK law enforcement agencies. The company’s Lima Forensic Case Management applications provide a complete workflow solution and end-to-end case management from collection of exhibits to final case dispatch. “We chose the dtSearch Engine to integrate in the Lima Case Management system because of its ability to instantly find keyword, or, combination keyword hits ... Since adding the dtSearch Engine, our customers have said this is a great addition to an already great solution." Learn More |
|
|
|
|
Forensic Toolkit analysis applies dtSearch.
Exterro's Forensic Toolkit® (FTK®) is recognized around the world as the gold standard in computer forensics software. Used by law enforcement, government agencies and corporations worldwide, FTK is an extremely effective tool in extracting and analyzing electronic evidence. “The optimized dtSearch integration delivers fast indexing and fast search results, even with large data sets, zeroing in on relevant information quickly. Today, with an ever-increasing need for more comprehensive and effective tools in a digital investigator’s arsenal, FTK powered by dtSearch certainly provides a potent answer.” Learn More From Network Computing: Forensic Toolkit “has significantly more powerful and efficient text-search functionality, thanks to dtSearch Text Retrieval Engine integration. Integrating dtSearch eliminates the need to buy a separate text-search tool.” |
|
|
|
|
GFI Software™ adds data leak prevention to comprehensive business
archiving solution embedding dtSearch.
GFI Archiver now offers data leak prevention in its one-stop business archiving solutionFeatures include: MailInsights reports to help identify potential security breaches, legal risks and productivity issues by extracting key data from email archives; Data Leakage Detection Reports to identify emails containing sensitive information; and Communications Flow Reports depicting the flow of communications across the business. “Apart from its easy integration and customization capabilities, dtSearch offers excellent performance, reliability and scalabilityHaving multi-language support is also a great benefit, given our international customer base.” Learn More (see also separate listing in Information Management) |
|
|
|
|
ILook Investigator © Toolsets include dtSearch.
The ILook Investigator toolsets are computer forensic tools used to capture and analyze images created from computer systems hard drives and other external storage media. ILook is provided free to qualifying agencies throughout the world. Eligible users must be involved in computer forensics and employed by one of the following: 1) a law enforcement agency whose employees are sworn law enforcement officers; 2) a government intelligence agency; 3) a military agency with authority in criminal and or counter intelligence investigations; 4) a government, state or other regulatory agency with a law enforcement mission. Learn More on ILook |
|
|
|
|
Trinus Technologies works with Royal Canadian Mounted Police on the G8 Summit
Security Joint Intelligence Group (G8 JIG), using dtSearch.
Attending the G8 Summit Conference were Prime Minister Chretien (Canada), President Bush (US), as well as heads of state from the United Kingdom, Russia, France, Germany, Italy and Japan. “The event, from an intelligence investigation perspective, was a resounding success ... We used dtSearch in a web configuration as the main search tool for users ... The search functions as provided by this system proved to be an integral and vital part of the success of the G8 JIG. With a minimum of instruction, users were able to perform sophisticated searches in a familiar web environment. System performance ... was predictable and excellent.” Learn More |
|
|
|
|
Pinpoint Labs addresses “searching for buried treasure” with
dtSearch.
Pinpoint Labs specializes in computer forensics software and services. From the company’s “Searching for Buried Treasure” Blog posting: “Mapping the data landscape may not immediately indicate where the textual ‘treasure” is located ... A common process mistake is assuming that all files are searchable ... there are several common exceptions that will prevent a complete search.” “I’ve been a fan of dtSearch for many years because it handles large file collections of up to several terabytes, has extensive file type support, and great customer service. dtSearch is also integrated into several popular litigation support and computer forensic applications.” —Learn More (“Searching for Buried Treasure”) |
|
|
|
|
ENSR comes in “on time and on budget” using dtSearch for DOD
scientific data project.
Focused on the oil and gas, gas and electric utilities, transportation, manufacturing and government sectors, ENSR is an environmental consulting and engineering firm that provides a comprehensive range of services logically aligned with its clients’ asset management life cycle to help resolve complex environmental issues. For the US Department of Defense, ENSR worked on an application that compiles a set of scientific data, including experimental test results, scientific papers, and software model abstracts. After compilation, the US DOD and ENSR distributed the application on portable hard-drives, designed to enable easy access in the field, and to prevent unauthorized disclosure of sensitive data. “ENSR using dtSearch delivered a solution that was on time and on budget. The methodology that ENSR developed using dtSearch would be applicable for other technical problem areas. In fact, the methodology we developed would be of general use in providing easy access to any scientific body of knowledge.” Learn More |
|
|
|
|
Chicago Electronic Discovery: “HOWTO: index and search
forensic disk images with dtSearch.”
“If you primarily use Linux and The Sleuth Kit/Autopsy to perform forensic investigations, you will already know there are certain limitations to searching in TSK. The following is the approach I use to provide a more thorough search.” “You can then search allocated and carved files and the raw binary file separately. dtSearch uses a ‘filtered binary’ approach to raw files which has proven quite effective in my cases.” |
|
|
|
|
Placing the Suspect Behind the Keyboard author relies on dtSearch.
Placing the Suspect Behind the Keyboard: Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects is the definitive book on conducting a complete investigation of cybercrime. “dtSearch is the only software product that I have used consistently on every digital forensics case, from my first case to my current case. And it’s not just about indexing data; it is about reducing an ocean of data into specific intelligence and useful information that benefits the case.” Learn More |
|
|
|
|
Altia-ABM investigative software embedding dtSearch now deployed across
UK police forces, other enforcement and intelligence agencies.
Headquartered in the UK, Altia-ABM develops innovative software to facilitate investigations and manage covert operations. Altia-ABM is now looking to further expand its software footprint globally, including to police and other law enforcement and intelligence agencies across the U.S. “We’ve been told by more than one government agency that they would not have been able to complete certain complex investigations without our software.” “A key benefit of our investigation support products is the embedded dtSearch Engine’s ability to instantly search terabytes of investigative and other data.” Learn More |
|
|
|
|
Overview: dtSearch in Data Loss Prevention (DLP) Applications.
From Price of Business , Nationally Syndicated on the BizTalkRadio Network, describing how the dtSearch Engine works in Data Loss Prevention or DLP applications. Learn More (radio segment) |
|
|
|
|
US Military deploys dtSearch.
For example, a public tender notice was issued for a US Army dtSearch Engine license renewal. (Other license details not made public.) dtSearch welcomes its users in the US military. |
|
|
|
|
“What It Takes to Review 650,000 Emails” (including
dtSearch).
From FCW – The Business of Federal Technology : “When the FBI was asked to look into these emails, it wasn’t being asked to do anything revolutionary. It’s a fairly standard cyber-forensic skill, according to ... the CTO of Computer Forensic Services and former senior computer forensic analyst for the U.S. Secret Service Electronic Crimes Task Force ... Based on his prior experience with federal law enforcement ... the FBI would have likely used Encase, Forensic Toolkit or dtSearch software to help analyze the email data.” |
|
|
|
|
GDIT joint task force and other law enforcement-related applications
embedding dtSearch Engine help find the "smoking gun."
Benefits to “Joint Law Enforcement Task Forces throughout the United States" have included “help in their maritime security, anti-terrorism, counter-drug and criminal investigation missions.” The applications have “helped analysts to successfully identify terrorist group activities, senior drug trafficking organization members and threats to port operations."  From the Washington
Business Journal, describing an earlier implementation of the product
line: “Simply put, the two companies help the good guys catch the bad guys.
The FBI and local law enforcement agencies ... have used [these products] to
sift through massive amounts of computer data to help make the connections
that lead to arrests.” “Dramatic examples where the product has helped catch
criminals” include “a money laundering and black market gem operation” and
“a police shooting in California.”
|
|
|
|
|
SEARCH, The National Consortium for Justice Information and Statistics, adds
dtSearch to training.
SEARCH is a nonprofit membership organization funded by the U.S. Department of Justice and created by and for the States. Dedicated to improving the criminal justice system through the effective application of information and identification technology, SEARCH is now including dtSearch in part of its training. Learn More on SEARCH |
|
|
|
|
dtSearch included in International Association of Crime Analysts (IACA)
Presentation.
Presentation included usage of dtSearch search results retrieved by the Tulsa Police Department through CitiSource Intranet application. “We have installed dtSearch so that it is accessed through our CompStat interface ... dtSearch returned suspect information with minimal input in milliseconds.” Learn More |
|
|
|
|
Certified forensic technician finds dtSearch “insanely
fast.” ”I setup a link for my users to get to the engine and they have been thrilled with the results. dtSearch has saved me from my users AND it is insanely fast!” Learn More |
|
|
|
|
ZixAuditor® enhances email auditing with dtSearch.
ZixAuditor is an assessment service that enables organizations to identify email security vulnerabilities and implement more effective policies and procedures to achieve higher levels of protection. “The software has an impressive feature set and covered everything we needed for an email content scanner. We liked the many search options that dtSearch provided, including forensic indexing, word stemming and matching on Boolean, numeric, wildcard and proximity expressions.” Learn More |
|
|
|
|
ZixVPM® solves Linux-based email filtering puzzle with dtSearch.
ZixVPM (Virtual Private Messenger) is a Linux-server-based e-messaging solution for organizations that require a high level of security and encryption for inbound and outbound email communications. ZixVPM works to safeguard an organization’s communications and enforce consistent and uniform corporate policy-based email security standards. “The embedded dtSearch Engine enabled the powerful scanning techniques in our product ... With dtSearch, the ZixVPM product performs content scanning in the message subject and body text and in any file attachments included in the message. dtSearch was extremely responsive in working with us to create a Linux API that would meet our needs.” Learn More |
|
|
| dtSearch “has users at the Bureau of Alcohol, Tobacco and Firearms; California attorney general’s office; Defense and Justice departments; and NASA.” — Government Computer News |
|
|
|
“In our experience, we have found that dtSearch is a robust, highly
configurable indexing and searching tool for electronic documents and many
types of e-mail, including Microsoft OutlookdtSearch also makes the engine
available to developers to allow users to create added functionality if
necessary.”
— Handbook of Digital Forensics and Investigation
(available at Amazon.com) |
|
|
|
dtSearch can “find a wide variety of documents quickly and easily in
many different languages and writing systems.”
— Machine Learning Forensics for Law Enforcement, Security, and
Intelligence
(available at Amazon.com) |
|
|
|
“dtSearch to the Rescue ... I want to let you know about an incredible
tool ... The products create indexes that then allow multi-gigabyte size
disk drives to be searched in less than a second in most cases. Things like
fuzzy searching, phonic searching, numeric range searching, synonym
searching and wildcard searching are also possible as well as searching in
network drives, CDs and even the Internet ... I have never used anything
quite like this product.”
— SC InfoSec Newsletter |
|
|
| “Every time we go “manual” I am reminded, once again, what a great product dtSearch is! I have our entire database indexed so all we have to do is type in the account number and INSTANTLY it appears on the screen along with all dispatch instructions, zone descriptions and contacts ... With dtSearch, we increased our lookup speed so dramatically that we can’t imagine how we ever used those index cards for the task!” — Customer at intercityalarms.com |
|
|
|
“dtSearch provides several versions of its text mining software for
the desktop, Web sites, remote servers, and for embedding in other
applications ... ideally suited for rapid indexing by forensic
investigators.”
— Investigative Data Mining for Security and Criminal Detection (available at Amazon.com) |
|
|
|
“Another unique approach to file processing in FTK is the integration
of the dtSearch text-indexing software ... Currently, FTK is the only
integrated forensics analysis tool to incorporate full text indexing into
the file processing functions.”
— SC Magazine (from review of AccessData’s The Forensic Toolkit™) |
|
|
| Awarded Top Rating by TUCOFS - The Ultimate Collection of Forensic Software, A Complete Resource for Cyber Law Enforcement Technologies. |
|
|
| “The best indexing program I’ve found is dtSearch” — Effective Discovery of Email |
|
|
|
dtSearch
“searches are blindingly fast. Fishing expeditions are easier with
features such as fuzzy searches, which can find words even when they are
misspelled, and a built-in thesaurus that can be used to automatically
include synonyms in a search ... Functioning equally well against both email
folders and text files, these are very powerful and useful capabilities for
an investigator.”
— Computer Forensics: Incident Response Essentials (available at Amazon.com) |
|
|
|
“dtSearch, an indexing application typically used as a forensic tool
... excels at indexing your case information to be searched on the fly
..dtSearch not only indexes large datasets but it can also create reports of
the searches, export the files found, and even highlight the key words
found.”
— Cybercrime Case Presentation
(available at Amazon.com) |
|
|
|
“That’s an easy one: dtSearch. This incredible tool has more
applications than anything that I have worked with in 30+ years as a
technical specialist. More magazines and news groups than any product that I
am aware of have also recognized it. Several of the authors in this book
have mentioned dtSearch as a valuable part of their forensics toolkit as
well.”
— Techno Security’s™ Guide to E-Discovery and Digital Forensics (FAQ section, by the authors of the book) |
|
|
|
“Once you’ve collected all of your information — and in
today’s world, we’re probably talking about terabytes ...
you’ve got to organize it ... This is generally an industrial task ...
specialized indexing and searching programs can help with this (I’m
partial to dtSearch).”
— Techno Security’s™ Guide to E-Discovery and Digital Forensics (“Digital Forensics: An Overview”) |
|
|
|
“dtSearch leads the market of mid-range cost indexing systems ...
dtSearch has several configurations of its indexing system, including just
the dtSearch engine for implementation into other products.”
— Hacking Exposed, 2nd Edition
(available at Amazon.com) |
|
|
|
“So there I was, working an IR case ... The forensics version of 'It
was a dark and stormy night.' I pointed dtSearch at the folder containing
all the output and indexed it. This allowed me to quickly search ... the
output from all of the systems for new information.”
— Integriography: A Journal of Broken Locks, Ethics, and Computer Forensics |
|
|
|
“dtSearch provides a commercial grade toolset for forensic
searching”
— Windows Forensics: The Field Guide for Corporate Computer
Investigations
(available at Amazon.com) |
|
|
|
“After you create an image of suspect media, you'll need to search for
possible evidenceThe dtSearch product line ... provides solutions that
enable you to search terabytes of text in a short timeAlthough not strictly
a forensic tool, dtSearch supports a highly necessary forensic
function.”
— Computer Forensics JumpStart
(available at Amazon.com) |
|
|
| Case studies are based on information obtained at the time a case study is written. Case study descriptions may not reflect the current status of an application. dtSearch Corp. cannot independently verify information contained within case studies. All information is provided subject to Terms of Use. |