ACQUIRE FASTER. ANALYSE IMMEDIATELY.
Evimetry Remote accelerates remote forensics, bringing forensically reproducible triage, security and speed to remote and live analysis.
Acquire and analyse remote evidence at wire speed.
Analyse remote live Windows, OSX and Linux systems without the wait. Evimetry’s secure network protocol uses compression to speed evidence access. Any evidence accessed is stored in a partial forensic image, with following accesses read from the image, preserving limited network resources.
Flexibility in evidence storage location.
Position evidence storage in locations close to target computers faster and more reliable acquisitions. For example, spin up an instance of the cloud agent in the same datacentre as a target server, or ship an appliance instance of the dead boot agent to a branch o ce.
Simple, secure access.
Evimetry uses robust, industry standard TLS encryption for security in a simple to deploy and manage form.
Evimetry closes the gap between acquisition and analysis, with examination and triage activities to occurring at the same time as acquisition. Leverage your preferred forensic toolset for live analysis and triage while you acquire, via a virtual disk device view of your live acquisition.
Acquire only what you choose.
Evimetry’s technical advance is the partial physical forensic image. This enables acquisition of the most important evidence first, and the successive widening of scope by live analysis and category based profiles.
Works with your current toolkit.
Evimetry’s physical images are simply accessible from your current forensic toolset (even partial images), using our freely available filesystem bridge. Or if you prefer, convert into existing format in the time it takes to copy an image from an evidence drive to an analysis workstation.
Buy Evimetry Remote.
Please contact us to purchase at the following introductory pricing. Prices are in US Dollars.
|Remote Basic||Remote Standard||Responder|
|Simple, remote live analysis.||Remote live analysis.||Local and remote accelerated
acquisition & live analysis.
|Dead boot single destination acquisitions||-||-|
|Dead boot multi-destination striped acquisitions||-||-|
|Remote network control of acquisition operations|
|Remote Live agent network based operations (Windows, Linux, OSX)|
|Remote in-cloud evidence storage agent||-||-|
|Virtual disk previews of remote live devices (remote systems)||
|Virtual disk previews of remote live devices (examiners)||1||
|Concurrent advanced acquisitions||1||2||2|
|Remote Volatile Memory acquisition (Windows, MacOS, Linux)|
|Complete Physical Disk acquisition|
|Partial Physical acquisition of allocated only|
|Partial Physical acquisition (profile based)|
|Convert AFF4 to EWF & RAW|
|Mount local images as virtual file or disk|
|Mount remote images as virtual file or disk||-|
|Node to node image transfer||-|
|Communications encrypted with strong TLS 1.2 crypto||-|