SIFT Workstation
SIFT Workstation
SIFT Workstation is a computer forensics distribution based on Ubuntu. It is one of the best computer forensic tools that provides a digital forensic and incident response examination facility.
Features:
.It can work on a 64-bit operating system.
.This tool helps users to utilize memory in a better way.
.It automatically updates the DFIR (Digital Forensics and Incident Response) package.
.You can install it via SIFT-CLI (Command-Line Interface) installer.
.This tool contains numerous latest forensic tools and techniques.
The SIFT Workstation is a collection of free and open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite. SIFT demonstrates that advanced incident response capabilities and deep-dive digital forensic techniques can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
The SIFT Workstation is a collection of free and open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite. SIFT demonstrates that advanced incident response capabilities and deep-dive digital forensic techniques can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
Key new SIFT Workstation features include:
.Ubuntu LTS 20.04 Base
.64-bit base system
.Better memory utilization
.Auto-DFIR package update and customizations
.Latest forensic tools and techniques
.VM Appliance ready to tackle forensics
.Cross compatibility between Linux and Windows
.Option to install/upgrade stand-alone system via SIFT-CLI installer
.Expanded Filesystem Support
SIFT Workstation Testimonials
SIFT workstation is playing an essential role for the Brazilian national prosecution office, especially due to Brazilian government budgetary constraints. Its incident response and forensic capabilities are bundled in a way that allows an investigation to be conducted much faster than it would take if not having the right programs grouped on such a great Linux distribution. The new version, which will be bootable, will be even more helpful. I'd highly recommend SIFT for government agencies or other companies as a first alternative, for acquisition and analysis, from the pricey forensics software available on the market.
- Marcelo Caiado, M.Sc., CISSP, GCFA, EnCE
What I like the best about SIFT is that my forensic analysis is not limited because of only being able to run an incident response or forensic tool on a specific host operating system. With the SIFT VM Appliance, I can create snapshots to avoid cross-contamination of evidence from case to case, and easily manage system and AV updates to the host OS on my forensic workstation. Not to mention, being able to mount forensic images and share them as read-only with my host OS, where I can run other forensic tools to parse data, stream-lining the forensic examination process.
Comments
Post a Comment