When conducting on-scene triage for any type of crime it is essential to be prepared for any devices you may encounter. It is important to pre-plan and try to figure out what type and how many devices you may encounter, but no matter how many times you read the report or conduct pretextual calls your estimate is going to be off. You need to be prepared and have the ability to adapt and overcome.
Digital Forensic News & Events
Bringing investigators digital forensics and cybersecurity related news from around the world. #AllinForensics


How to Have a Digital Forensic Triage Process that Works Field to Lab
In this 3-minute "How To" video, you'll learn the benefits of having a digital forensic triage process that works from field to lab. Using ADF digital forensic tools, examiners can prepare field investigators to find digital evidence and intelligence on mobile phones, tablets, computers, and storage devices starting on-scene.

macOS Forensics: Live Scan Macs with T2 or M1 chips
Investigators can now scan all available Mac computers (including macs with T2 or M1 chips) with all types of encryption and virtual drives by running a remote agent that communicates with the desktop application. Now you can perform digital forensic triage on all Macs including
- macOS T2 chip
- macOS M1 chip
- Mac Fusion Drive

What is RAM Capture and Why does it Matter?
RAM, short for Random Access Memory, is physical hardware that temporarily stores data for quick read and write access. Think of RAM as a scratch pad you use while working; although all the information you need and may refer to is stored in a binder (in this analogy, your hard drive), the information on the scratch pad is what you are using and need right in the moment. With RAM, it is right there for you to access. While RAM helps with the speed and efficiency of the computer, it can all be lost in an instant as it is volatile.

How to Conduct a Live Forensic Scan of a Windows Computer
Learn how to conduct a Windows live scan with ADF Solutions Digital Evidence Investigator. Two USB ports are required to complete a scan, one for the Collection Key and one for the Authentication Key, once the scan has started the Authentication Key can be removed. A USB hub may be used in cases where the target computer only has one USB port.
When running a live scan from a Collection Key it is possible to create a RAM dump of the computer. RAM dumps can then be analyzed with appropriate software (e.g. Volatility).
Get Your News (once a month)
Posts by Tag
- Digital Forensics (132)
- Law Enforcement (89)
- Digital Evidence Investigator (85)
- How To Video (68)
- Mobile Device Investigator (63)
- Computer Forensics (58)
- Triage-Investigator (56)
- Triage-G2 (55)
- DEI PRO (53)
- United States (53)
- Crimes Against Children (49)
- Digital Evidence (49)
- ICAC Task Force (45)
- Forensic Triage (42)
- Triage (42)
- Mobile Forensics (41)
- Triage-G2 PRO (41)
- Triage-Investigator PRO (40)
- Mobile Device Forensics (37)
- Child Exploitation (36)
- Cyber Crime (36)
- Forensic Analysis (29)
- ICAC (29)
- Project Vic (29)
- DEI PRO Field Tablet (26)
- Law Enforcement Conferences (26)
- Cyber Forensics (24)
- AllinForensics (23)
- CSAM (23)
- iOS Forensics (23)
- Human Trafficking (22)
- Android Forensics (21)
- United Kingdom (21)
- CAID (20)
- Forensic Software (19)
- Forensic Training (18)
- Internet Investigation (18)
- Mobile Triage Kits (18)
- High Tech Crime (17)
- Military (17)
- Custom Search Profiles (16)
- Field Forensics (16)
- Police (16)
- Apple Mac Forensics (15)
- Digital Media Investigator (15)
- Financial Crime (15)
- Canada (14)
- Military Police (14)
- Search Profiles (13)
- Sheriff (13)
- Computer Forensic Lab (11)
- Counter Terrorism (10)
- Culture Code (10)
- Cybersecurity (10)
- Early Case Assessment (10)
- RAM Capture (10)
- technology (10)
- Computer Triage (9)
- Cryptocurrency Forensics (9)
- DOMEX (9)
- Digital Devices (9)
- IIOC (9)
- Photo Forensics (9)
- Prosecutors (9)
- Site Exploitation (9)
- forensics (9)
- Anti-Terrorism (8)
- Economic Crime (8)
- Forensic Science (8)
- Hash Sets (8)
- Identity Operations (8)
- MDI Field Tablet (8)
- Digital First Responder (7)
- Entity Extraction (7)
- Europe (7)
- Force Protection (7)
- Project VIC UK (7)
- mobile device (7)
- ADF Authorized Partner (6)
- Artificial Intelligence (6)
- Classifier (6)
- DFIR (6)
- Forensic Artifacts (6)
- Griffeye (6)
- Sensitive Site Exploitation (6)
- White Collar Crime (6)
- APFS (5)
- Anti-Forensic Traces (5)
- Austrialia (5)
- Boot Scan (5)
- Careers (5)
- Cyber Security (5)
- Field Investigator PRO for Teams (5)
- Forensic Lab Solutions (5)
- IPOC (5)
- Language Gisting (5)
- Live Scan (5)
- iOS (5)
- BitLocker (4)
- Certified Forensic Computer Examiner (4)
- Collection Key (4)
- District Attorney (4)
- Fraud Forensics (4)
- Incident Response (4)
- Interpol (4)
- Singapore (4)
- South Africa (4)
- Special Forces (4)
- Special Operations (4)
- Standalone Viewer (4)
- Thumbcache Images (4)
- Translation (4)
- United Arab Emirates (4)
- Basic Computer Forensic Examiner (3)
- Certified Forensic Examiner (3)
- Drone Forensics (3)
- IACIS (3)
- IT Security (3)
- Machine Learning (3)
- Microsoft Windows Forensics (3)
- Rosoka Add-on (3)
- Security (3)
- Africa (2)
- Constable (2)
- Dark Web (2)
- Data Analytics (2)
- Detective (2)
- Digital Forensic Imaging (2)
- Forensic Accounting (2)
- Forensic Hardware (2)
- Forward Operator (2)
- Government (2)
- IT Forensics (2)
- Information Security (2)
- Labor Trafficking (2)
- Microsoft (2)
- PhotoDNA (2)
- Technology Partner (2)
- Video Forensics (2)
- Asia (1)
- BCFE (1)
- Big Data (1)
- CFCE (1)
- Data Decryption (1)
- Digital Forensic Workstations (1)
- Expert Witness Format (1)
- FLETC (1)
- Facial Analytics (1)
- Field Investigator for Teams (1)
- Insider Threat (1)
- Mexico (1)
- Modern Slavery (1)
- SDVOSB (1)
- Saved Credentials (1)
- Vehicle Forensics (1)
- Virtual Reality (1)
- adf certified training (1)