Product Id: 29667637
Description: AccessData Enterprise - License - 1 endpoint - Win
Mfr Part #: 9902009
AccessData Enterprise takes network-enabled digital investigations to the next level. Built on the industry-standard, court-validated Forensic Toolkit technology, AD Enterprise delivers state-of-the-art incident response capabilities, deep dive analysis of both volatile and static data, as well as superior threat detection capabilities - all within an easy-to-use interface. A role-based permission system, an intuitive incident response console, secure batch remediation capabilities, unsurpassed searching and filtering, and comprehensive logging and reporting are just a few of the reasons AD Enterprise is quickly being adopted by Fortune 500 companies.
- The agent-side search and analysis of live memory on Windows machines across the enterprise
- Correlate static forensic data and volatile incident response data within the same interface
- Industry's first integrated "one click" acquisition of hard drives, RAM and volatile data
- Incident response console enables rapid review and analysis of key volatile data elements in an easy-to-use format with "360-degree" views of data across machines and across time
- Integrated analysis and forensic collection of network shares
- Right click process kill during an IR investigation
- GUI-integrated, secure remediation
- Batch Remediation allows authorized personnel to automatically remediate threats on multiple machines at the same time, which is critical to preventing widespread damage due to fast-proliferating threats
- Active directory and ePO integration enable quick identification and selection of nodes
- The industry's first one-click acquisition of hard drives, RAM and volatile data
- Automated Batch Acquisition of devices and RAM to streamline large multi-node evidence collections
- Easy-to-use data processing wizard that automatically categorizes indexes and exposes data
- Search and collect from network shares
- Market-leading decryption, password recovery and cracking technology
- Conduct secure investigations on multiple machines across your network from a central location
- Web-based management server enforces granular role-based security
- Rich, wizard-driven reporting on static and volatile data, making it easy to share information and generate meaningful reports
- Agent Resource and Bandwidth Throttling allows you to define low, medium and high to determine how much CPU and bandwidth is used during investigative operations, where low is super stealth and high is for speed
- Oracle database backend allows you to handle massive data sets, delivering case management, metadata storage and robust data manipulation capabilities
- True Auto Save/Recovery functionality in the event of a failure
- Forensically sound and court-validated technology
- Regulatory and policy compliance
AccessData Enterprise facilitates regulatory compliance allowing organizations to respond quickly to investigate accusations or suspicions of employee malfeasance, such as fraud, PII theft, or the theft of credit card information. Having visibility into data on desktops, laptops, peripheral devices and network shares allows an organization to maintain compliance with regulations, such as Sarbanes-Oxley, PCI requirements, HIPAA, FISMA, and internal policies.
- Usage compliance
Scan thousands of machines for unapproved processes, and if policies allow, IT personnel with the proper credentials can simply right-click to kill a specific process. Or if, for example, several unapproved processes are found to be running on multiple machines across the enterprise, IT personnel can initiate a batch remediation operation.
- Internal threats
AccessData Enterprise allows you to see all data wherever it lives across your enterprise. You can proactively investigate users' machines across your network to identify artifacts that might indicate wrongdoing, such as intellectual property theft. In addition, you can react immediately and stealthily to validate whether an employee is guilty of IP theft, harassment or other wrongdoing. Once an internal threat has been validated, you can forensically preserve all evidence from a central location, even if there are multiple suspects spread throughout the world. For example, if one of your employees is suspected of sending confidential information to a competitor, and that person is traveling on the other side of the globe, his laptop (if an agent is installed) will check in with AD Enterprise whenever he goes online. He doesn't have to log into your network; he just needs to be online. (i.e. checking his web mail at a Starbucks).
- External threats
Perimeter defense and monitoring technologies can only prevent or alert on threats that have been defined. Furthermore, savvy hackers have a multitude of sophisticated methods by which to circumvent these products. Therefore, your information security solution is not complete without enterprise-wide visibility and investigative reach, including the ability to remediate immediately from a remote location. Proactive and reactive scanning with AD Enterprise will allow you to identify rogue processes and malicious attributes, even those hidden by root kits. It enables you detect external threats-even Advanced Persistent Threats, analyze the compromise to understand how it operates, conduct a network-wide assessment to identify all other affected nodes and remediate all affected nodes from a central location. For far too many organizations, this capability is the missing piece in their information security puzzle. Without this response capability organizations are not able to effectively prevent widespread damage in the event of a security incident and they are not able to ensure thorough remediation.