Guidance Software announced EnCase Cybersecurity, designed for information security, network defense and incident response teams who are tasked with protecting sensitive or confidential information, and identifying and responding to network threats.
EnCase Cybersecurity complements and augments existing information security tools that aim either to block or quarantine data – such as firewalls, intrusion prevention systems, antivirus, or data loss prevention tools – or that trigger or correlate alerts, such as intrusion detection systems, configuration management, or SIM and SIEM tools.
EnCase Cybersecurity provides:
- The ability to identify and analyze undiscovered threats, such as polymorphic or metamorphic malware, packed files, and other hacking techniques that evade traditional network- or host-based defenses
- Powerful investigative capabilities so that an organization can search across its network for sensitive or confidential data, such as credit card numbers, account numbers, or intellectual property
- Risk mitigation by wiping sensitive or confidential data from unauthorized locations, and removing malware and malware artifacts from hard drives, RAM, and the Windows Registry on laptops, desktops, and servers
- Visibility into endpoint risk, leveraging disk-level forensic access of data on endpoints, with the ability to compare endpoints against a trusted baseline and/or an included hash database (both whitelist and blacklist).