Quickly Discover Actionable Intelligence from Computers and Digital Devices in the Field
Today’s military and intelligence operatives need media exploitation tools to gain immediate access to intelligence from computers, smartphones, tablets, and other digital devices. However, their biggest challenges and obstacles have included complex software programs, heavy and bulky hardware, and time-consuming intelligence collection and analysis processes. ADF Solutions has developed Triage-G2 to comprehensively address these challenges and has established it as the media exploitation tool of choice for the U.S. Department of Defense to deploy in sensitive site exploitation toolkits for its operators.
Triage-G2 has been designed specifically to be used by nontechnical operators and deployed using a small, portable Triage key (a 32GB USB drive) that requires no computers or other heavy equipment for field deployment. The keys can be easily prepared in advance at the base or in the field by simply using one click to select mission-specific search criteria.
Designed for ease of use, Triage-G2 comes complete with preconfigured search profiles. As a result, nontechnical operators can easily scan and analyze target computers in two easy steps. Mission-specific search profiles can easily be created and deployed to field operators. Click the image below to view software screenshots.
Triage-G2 searches the entire target drive in four categories and integrates unique technologies, including ActivitySensorTM that allow operators to target high value files as quickly as possible. This technology is critical in scenarios where operators have limited time to scan a computer.
When inserted into the target computers, the triage key automatically collects the files identified as mission-critical intelligence. The intelligence collected can be viewed immediately on the target computer or back at base for more in-depth analysis. When time is critical, operators can prioritize the sequence of the scan to ensure the most vital intelligence is captured first Click the image below to view software screenshots.
SearchPaks® use a patented process to capture and deploy powerful search or forensic intelligence. They can be easily configured by users to identify critical intelligence, including search terms, hash values, image analysis, and regular expressions. The search can be narrowed on file properties including dates, file size, etc. Triage-G2 also collects extensive system captures, including Internet search and browsing histories, browser map search history, USB device history, and most-used applications. Click the image below to view software screenshots
Customized HTML or CSV reports can easily be created for distribution.
When out in the field, it is critical that operators have a simple, single tool that can extract intelligence from multiple devices and systems. Triage-G2 was designed with this in mind and supports multiple software platforms including Windows, Macintosh, and Linux.
When the computer is booted from the triage key or boot CD, there are no changes made to the target drives. During a live scan, Triage-G2 offers a stealth option which runs the application in a covert mode and removes all possible system entries for the triage key. Unlike any other triage tools today running a live scan, ADF tools do not alter file times and dates. This provides unique capabilities to protect human assets during sensitive defense and intelligence missions, when undetected surveillance is critical.
When operators cannot risk losing valuable information by turning off a target computer, they need to be able to capture digital intelligence from a running or live device. Triage-G2 allows live analysis of computers running Windows that cannot be shut down, which minimizes the risk of losing valuable intelligence by capturing all volatile data, including memory from all 32-bit and 64-bit windows operating systems.
The ADF Solutions Triage platform allows upstream forensic examiners and analysts to design and control the search criteria used by the field operatives downstream. Through powerful encryption capabilities, the search criteria can include classified information without the risk of exposure to unauthorized personnel. This also gives the analysts precise control over the operatives in the field. Most important, the same search criteria can easily be reused by other operatives with similar mission objectives.
Triage-G2 includes configurable file header definitions for file collection and give operators the highest confidence in the triage results.
Triage-G2 includes advanced image-matching technology that bypasses the traditional hash value limitations for identifying altered and similar images, including those that have been deleted or found in Thumbs.db files. This technology has helped identify conclusive intelligence without deploying time-consuming forensic resources.
Digital First Responder (DFR) training program
In order to best prepare our customers to use our products, we have developed a two-day user training program for operators. ADF also offers a “Train the Trainer” program to integrate with existing operator sensitive site exploitation and media exploitation training programs.
The Triage-G2 Kit includes:
- One portable travel case
- One 32GB high-speed USB key
- One bootable CD
- One USB extension cable
- One teasing needle
- One portable flashlight
ADF tools have been selected and deployed by agencies worldwide. Click here for customer testimonials.