What's new in version 5.1 of Belkasoft Evidence Center
What's new in version 5.1 of Belkasoft Evidence Center
New major features
- Jumplists supported. The product now allows investigating an extremely
useful source of information: Windows jumplists.
Note: This new feature is available for free to valid license holders of Evidence Center Pro and Forensic Studio Ultimate editions. You have to redownload your license in order to obtain this feature. - Gradually adding found profiles. Previously, the product could spend a couple of hours going through the entire drive or image before displaying the full list of found profiles. In this release, it adds profiles immediately as they are discovered. You can now immediately review what has been found so far.
- Support for EnCase 7.05. The product is now integrated with all major releases of EnCase v.7 from 7.02 through 7.05.
- UTC/Local time cleanup. The time and date are now shown as local time or UTC time with regards to what time is actually stored by the application being analyzed.
- Grouping of artifacts. Search Profiles and Carve Device windows now show all supported artifacts grouped. This enables you to, for example, de-select Mac OS X and Linux data types when you are investigating a Windows image. This, in turn, helps you save time because the tool is now looking for fewer types of information.
Instant Messengers are grouped by the Operating System type, Digital Pictures are grouped by the format type; Video and Document types are now shown.
- Dropbox support enhanced. The product now extracts more information from Dropbox data.
- Facebook support enhanced. We have reviewed the latest updates to Facebook, and supported all of them. The new release discovers much more Facebook data and extracts more pieces of evidence out of it (for example, datetime stamp is added)
- Internet Explorer 10 is supported
- Additional video types are supported: 3GP and 3G2
- EML generation introduced. You can export all found, selected or bookmarked emails into EML format.
- A lot of mounting issues solved. The mounting component became much more stable, and does not lock up. Many previously problematic images are now processed perfectly.
- NateOn Korean messenger supported.
Smaller enhancements
- Less false positives. We have cleaned up some evidence types that were previously throwing annoying false positives with rubbish texts. The new release greatly reduces the number of such occurrences.
- Mailbox extraction performance. Emails are extracted much faster than before. Besides, the user interface becomes more responsive when you are going through extracted emails.
- Memory consumption improved. There are less Out Of Memory errors during report generation as well as email extraction.
- iPhone/iPad backup extraction. The product now can recreate Apple device backup file structure to a selected folder
- Large attachments are not stored in a database. To improve database performance and data storing performance, the product does not store huge attachments in the database, but rather stores them as files inside a user app data folder.
- Passwords for Opera now extracted more correctly. Previously there was some mess in what was a password and what was a login, now everything is shown correctly.
- A lot of new translations were introduced. Now we support English, German, Spanish, Russian, Arabic, Vietnamese, Chinese, and Japanese!
- Hotmail support enhanced. Hotmail analysis updated, new signatures added.
- Windows 8 supported. The product has been tested on Windows 8 and shown perfect performance on this OS.
The product supports more than 240 artifact types, which keeps it an indisputable leader in its class of products.
Enjoy using the product!
See also:
Belkasoft Evidence Center 5.0
Belkasoft Evidence Center 4.2
Belkasoft Evidence Center 4.1
Belkasoft Evidence Center 4.0
Belkasoft Evidence Center 3.9
Belkasoft Evidence Center 3.8
Belkasoft Evidence Center 3.7
Belkasoft Evidence Center 3.6
Belkasoft Evidence Center 3.5
Belkasoft Evidence Center 3.0
Belkasoft Evidence Center 2.0