1. BROCHURE AD Enterprise Identify, Acquire and AnalyzeAll In-House Support incident response (IR) activities, enforce policies and conduct investigations spanning computer misuse and employee misconduct; all while reducing overhead costs. 2. www.accessdata.com AD Enterprise AD Enterprise provides public sector agencies and private companies with deep visibility into data and across your organization to support identification, acquisition, analysis and even targeted remediation. It is a stalwart, mature investigation solution built for scale, speed and broad capabilities. Despite all the money spent on preventative technologies, employee misconduct and abuse of policy and assets continues to impact organizations. Dealing with these security incidents can translate into privacy-related class-action lawsuits that may require years of expensive litigation and, in some instances, irreversible reputational damage. As the evolution of technology is accelerated, risks become more prevalent and sophisticated. Timely detection, identification and remediation of these risks are key to the survival of any organization. AD Enterprise enables organizations to meet digital investigation challenges head-on with less cost and fewer resources. Managing digital investigations often involves multiple people and devices in multiple locations. Increasingly, organizations are looking to in- source their management and control in-house investigations. Regulation including HIPPA, Sarbanes-Oxley (SOX), Dodd-Frank, Safe Harbor and requests originating from FOIA and SEC are placing additional burden on already overtaxed IT and investigative units. AD Enterprise allows teams to identify and acquire data remotely; even on endpoints in distant offices. Conducting internal investigations to support HR, regulatory, and fraud through searches across multiple systems to identify relevant information. This immediately narrows the scope of the investigation and reduces both the cost and time spent on each matter. AD Enterprise integrates seamlessly with any organizations existing infrastructure creating network-wide investigative reach. This allows organizations to forensically examine a comprehensive list of operating systems, including Windows, Linux, Mac, and UNIX. AccessData technology integrates data acquired from the full spectrum of mobile devices including Android, iOS, and Blackberry. Additionally, AD Enterprise leverages the forensic industrys leading volatile memory (RAM) acquisition and analysis technology. Quickly analyze and discern anomalies related to communication ports, sockets, running processes and other volatile data. This capability can be crucial when actively investigating security incidents and supports security analyst obligation to protect assets from external and internal threats. Benefits Keep It In-House. Conduct in-house digital investigations at a price point far below the expense of hiring external consultants or services teams. See Everything. Achieve visibility into all data across your enterprise, enabling you to detect, identify, analyze report and forensically preserve data, as well as remediate security issues. Every Bit of Data Within Reach. Preview and acquire data from multiple remote endpoints, including assets in geographically dispersed offices. Smart-target search, acquire, forensically preserve and deeply analyze digital dataall from a centralized location. Securely access, analyze and forensically preserve a wide variety of data over the wire. Aboveboard Operations. Maintain compliance with regulations, such as Sarbanes-Oxley, PCI requirements, HIPPA, FISMA, and internal policies by allowing you visibility into data on desktops, laptops, peripheral devices and network shares and facilitating HR, fraud, employee misconduct and other internal investigations. Take the Power Back. Enforce the usage compliance and remediate damage by scanning thousands of machines for unapproved processes, and if policies allow, stop specific processes and initiate batch remediation on a single machine or multiple machines at once across the entire enterprise. 3. www.accessdata.com 2014 AccessData Group Content Monitoring Alerts. Correlate user activity with content monitoring alerts and forensically preserve relevant data. Employee Malfeasance. Execute large-scale forensic investigations in stealth to verify whether malicious activity has occurred. IP Theft. Conduct quick, thorough investigations of multiple individuals with a focus on user files and email. Computer Usage Violations. Scan the network for unapproved processes and preview drives to determine if computer usage violations have occurred. Hacking. Scan several machines at once to determine the scope of a breach and perform root analysis. IDS Alerts. See current activity on any given machine to IDS alerts. Malware. Scan across the entire network for unknown and known malicious processes and dlls. Compromised Data. Create a threat profile and execute an audit to identify all contaminated machines. How Secure is your Enterprise? AD Enterprise is designed to eradicate threats no matter where they come from. INTERNAL THREATS EXTERNAL THREATS AD Enterprise provides a versatile architecture that can be applied from medium to large organizations. Investigations are no longer limited by travel schedules or complications due to remote offices and those working from home. Management Server Workstations, Laptops, Servers (Agent Data Sources*) *Supports Linux, Mac and Microsoft Network Shares Corporate Firewall Laptops/Websites (External Collection Sources) Proxy Server (optional) 4. AccessData Group makes the worlds most advanced and intuitive incident resolution solutions. AccessData technology delivers real-time insight, analysis, response and resolution of data incidents, including cyber threats, insider threats, mobile and BYOD risk, GRC (Governance Risk & Compliance) and eDiscovery events. Over 130,000 users in law enforcement, government agencies, corporations and law firms around the world rely on AccessData software to protect them against the risks present in todays environment of continuous compromise. AccessData is a registered trademark of AccessData Group. AD Enterprise is a trademark of AccessData Group. 2014 AccessData Group GLOBAL HEADQUARTERS +1 801 377 5410 1100 Alma Street Menlo Park, CA 94025 USA NORTH AMERICAN SALES +1 800 574 5199 Fax: +1 801 765 4370 sales@accessdata.com INTERNATIONAL SALES +44 20 7010 7800 www.accessdata.com AD Enterprise Data Preview & Acquisition u Quick preview and acquisition of static and volatile data. Acquire documents, images, email, webmail, internet artifacts, web history and cache, HTML pages, chat sessions, compressed files, backup files, encrypted files, unallocated space, deleted files and logical volumes. u Large scale batch acquisition to streamline large, multi-node evidence collections. Application Security & Administration u Uses market-leading integrated decryption, password recovery/ cracking technology. u Secure, FIPS 140-2/Certified Solution. u User audit-logging which includes connections to specific targets, data previews and data acquired. Incident Response & Remediation u Incident response console enables rapid review and analysis of key volatile data elements across machines and across time. u Point-and-click remediation capabilities to delete files, kill processes and more. KEY FEATURES Data Ingestion & Processing u Distributed processing supports workloads in the terabytes. This takes hours, instead of days. u Easy-to-use data processing wizard automatically categorizes, indexes and exposes data. u Supports E01 evidence files, DD and more. AccessData Enterprise is designed for thorough computer forensic examinations powered with comprehensive search functionality of both static and volatile data and able to reach multiple concurrent remote systems. Schedule a consultation today.