Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Forensic memory analysis tool available

ManTech International : 19 August, 2008  (New Product)
Memory DD 1.3 enables unsaved data to be captured using RAM images which are unsaved at shutdown
ManTech International has announced the release of ManTech Memory DD 1.3, a physical memory acquisition tool for imaging Windows based computers. ManTech Memory DD captures a record of physical or random access memory which is lost when a computer is shutdown. Available for government and other private uses, ManTech Memory DD is capable of acquiring memory images from the following Microsoft products: Windows 2000, Windows Server 2003, Windows XP, Windows Vista, and Windows Server 2008. All of these operating systems are supported in both their 32-bit and 64-bit versions.

ManTech Memory DD 1.3 acquires a forensic image of physical memory and stores it as a raw binary file. To help verify data integrity and aid in the preservation of the evidence, the information captured by ManTech Memory DD is checked by the Message-Digest algorithm 5 (MD5), the common Internet standard used in security applications. The binary file can then be analyzed using external tools to identify items of interest to the examiner.

There have been numerous, well-documented computer exploits that never leave evidence on a computer's persistent storage devices, such as hard drives. These exploits reside solely in the physical memory of the machine. When the machine is powered off, the evidence of the exploit vanishes. In some cases, evidence of online communication (such as chat sessions) resides in memory even after the communication has terminated. Encryption keys for disk encryption utilities can often be recovered from physical memory as well. The ability to image physical memory allows the forensic examiner to recover valuable information that would otherwise be lost forever. With ManTech Memory DD it is now easy for the Department of Defence, Intelligence Community, law enforcement, and commercial organizations to acquire and preserve physical memory images.

ManTech's Memory DD is currently used by government agencies and its own computer forensics and intrusion analysis professionals, which are a center of excellence that the US government and the Intelligence Community rely on to solve their most difficult computer forensics and information security challenges. ManTech supports over twenty sensitive clients in the national security and Intelligence Communities, as well as federal and state agencies and Fortune 500 corporations.

ManTech Memory DD is available to government agencies, commercial organizations, and individuals that use the product for their commercial and private endeavors. The technology can also be licensed for inclusion into commercial tools.

ManTech's Memory DD is part of a suite of tools ManTech provides to it's Department of Defense, Intelligence Community and Homeland Security customers to support their most challenging cyber security problems.

ManTech's Sentris is a security labeling and access control platform for Microsoft Windows-based environments that facilitates trusted information sharing and data access using specialised identity management and authorization algorithms. Sentris solves the need to provide assurances for information access, email validation, and data protection. ManTech's Document Detective 3.0 is a leading electronic document security tool that identifies and removes more than 100 types of hidden and meta data in Object Linking and Embedding files, Portable Document Format files, Hypertext Markup Language, Extensible Markup Language, and Microsoft PowerPoint, Excel and Word® documents.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo