When conducting on-scene triage for any type of crime it is essential to be prepared for any devices you may encounter. It is important to pre-plan and try to figure out what type and how many devices you may encounter, but no matter how many times you read the report or conduct pretextual calls your estimate is going to be off. You need to be prepared and have the ability to adapt and overcome.
Digital Forensic News & Events


How to Have a Digital Forensic Triage Process that Works Field to Lab
In this 3-minute "How To" video, you'll learn the benefits of having a digital forensic triage process that works from field to lab. Using ADF digital forensic tools, examiners can prepare field investigators to find digital evidence and intelligence on mobile phones, tablets, computers, and storage devices starting on-scene.

macOS Forensics: Live Scan Macs with T2 or M1 chips
Investigators can now scan all available Mac computers (including macs with T2 or M1 chips) with all types of encryption and virtual drives by running a remote agent that communicates with the desktop application. Now you can perform digital forensic triage on all Macs including
- macOS T2 chip
- macOS M1 chip
- Mac Fusion Drive

What is RAM Capture and Why does it Matter?
RAM, short for Random Access Memory, is physical hardware that temporarily stores data for quick read and write access. Think of RAM as a scratch pad you use while working; although all the information you need and may refer to is stored in a binder (in this analogy, your hard drive), the information on the scratch pad is what you are using and need right in the moment. With RAM, it is right there for you to access. While RAM helps with the speed and efficiency of the computer, it can all be lost in an instant as it is volatile.

How to Conduct a Live Forensic Scan of a Windows Computer
Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator. Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target computer only has one USB port.
When running a live scan from a Collection Key it is possible to create a RAM dump of the computer. RAM dumps can then be analyzed with appropriate software (e.g. Volatility).
Posts by Tag
- Digital Forensics (154)
- Law Enforcement (90)
- Digital Evidence Investigator (88)
- Computer Forensics (69)
- How To Video (68)
- Mobile Device Investigator (66)
- DEI PRO (61)
- Digital Evidence (59)
- Triage-Investigator (57)
- Triage-G2 (55)
- Crimes Against Children (53)
- United States (53)
- Mobile Forensics (50)
- ICAC Task Force (46)
- Forensic Triage (42)
- Mobile Device Forensics (42)
- Triage (42)
- Triage-G2 PRO (42)
- Child Exploitation (40)
- Triage-Investigator PRO (40)
- Cyber Crime (37)
- ICAC (30)
- DEI PRO Field Tablet (29)
- Forensic Analysis (29)
- Project Vic (29)
- Human Trafficking (28)
- Law Enforcement Conferences (27)
- Knowledge Base Video (26)
- CSAM (25)
- Computer Forensics Video (25)
- Cyber Forensics (25)
- iOS Forensics (25)
- Android Forensics (24)
- AllinForensics (23)
- United Kingdom (22)
- Forensic Software (21)
- CAID (20)
- Military (19)
- Forensic Training (18)
- Internet Investigation (18)
- Mobile Triage Kits (18)
- High Tech Crime (17)
- Mobile Forensics Video (17)
- Police (17)
- Apple Mac Forensics (16)
- Custom Search Profiles (16)
- Field Forensics (16)
- Digital Media Investigator (15)
- Financial Crime (15)
- Military Police (15)
- Canada (14)
- Search Profiles (13)
- Sheriff (13)
- Photo Forensics (12)
- Computer Forensic Lab (11)
- Computer Triage (11)
- Counter Terrorism (11)
- Digital Devices (11)
- Cryptocurrency Forensics (10)
- Culture Code (10)
- Cybersecurity (10)
- Early Case Assessment (10)
- Prosecutors (10)
- RAM Capture (10)
- technology (10)
- DOMEX (9)
- IIOC (9)
- Site Exploitation (9)
- forensics (9)
- mobile device (9)
- Anti-Terrorism (8)
- Artificial Intelligence (8)
- Economic Crime (8)
- Forensic Science (8)
- Hash Sets (8)
- Identity Operations (8)
- MDI Field Tablet (8)
- ADF Authorized Partner (7)
- Digital First Responder (7)
- Entity Extraction (7)
- Europe (7)
- Force Protection (7)
- Project VIC UK (7)
- Classifier (6)
- Cyber Security (6)
- DFIR (6)
- Featured Video (6)
- Forensic Artifacts (6)
- Griffeye (6)
- Sensitive Site Exploitation (6)
- White Collar Crime (6)
- iOS (6)
- APFS (5)
- Anti-Forensic Traces (5)
- Austrialia (5)
- Boot Scan (5)
- Careers (5)
- District Attorney (5)
- Field Investigator PRO for Teams (5)
- Forensic Lab Solutions (5)
- IPOC (5)
- Language Gisting (5)
- Live Scan (5)
- PhotoDNA (5)
- BitLocker (4)
- Certified Forensic Computer Examiner (4)
- Cloud Computing Forensics (4)
- Collection Key (4)
- Dark Web (4)
- Fraud Forensics (4)
- Incident Response (4)
- Interpol (4)
- Probation (4)
- Singapore (4)
- South Africa (4)
- Special Forces (4)
- Special Operations (4)
- Standalone Viewer (4)
- Thumbcache Images (4)
- Translation (4)
- United Arab Emirates (4)
- Video Forensics (4)
- Basic Computer Forensic Examiner (3)
- Certified Forensic Examiner (3)
- Cloud Forensics (3)
- Drone Forensics (3)
- IACIS (3)
- IT Security (3)
- Machine Learning (3)
- Microsoft Windows Forensics (3)
- Parole (3)
- Rosoka Add-on (3)
- Security (3)
- Africa (2)
- Constable (2)
- Data Analytics (2)
- Detective (2)
- Digital Forensic Imaging (2)
- Forensic Accounting (2)
- Forensic Hardware (2)
- Forward Operator (2)
- Government (2)
- IT Forensics (2)
- Information Security (2)
- Labor Trafficking (2)
- Microsoft (2)
- Product Release (2)
- Sex Offender Management (2)
- Technology Partner (2)
- Asia (1)
- BCFE (1)
- Big Data (1)
- CFCE (1)
- Corporate Compliance (1)
- Data Decryption (1)
- Digital Forensic Workstations (1)
- Expert Witness Format (1)
- FLETC (1)
- Facial Analytics (1)
- Field Investigator for Teams (1)
- Insider Threat (1)
- Mexico (1)
- Modern Slavery (1)
- SDVOSB (1)
- Saved Credentials (1)
- Vehicle Forensics (1)
- Virtual Reality (1)
- adf certified training (1)