CIO Review >> Magazine >> December - 2014 issue

SysTools Software: Building Innovative Tools for Digital Forensics

The digital forensics industry is evolving significantly as we enter a new age of computing shaped by the Internet of Things. In the coming years, every device and appliance will become smarter, which means users will generate and leave a visible trail of their presence and activity. Therefore, in the near future, every activity, including any law enforcement investigation, will have a digital forensics component. “The digital forensics market is very promising and there is great scope for both new and old players. It is one of those segments where technology advancement has a direct correlation. Every new technology will bring a challenge for the cyber forensics world to understand the technology from a forensics perspective and come up with a solution,” says Anuraag Singh, Co-founder & CEO, SysTools Software. Headquartered in Pune with a branch office in New Delhi, the company has for the past seven years been providing products and solutions that are directly and indirectly leveraged by the digital forensics community.

In a short span of time, SysTools has been able to impress leading law enforcement agencies within and outside the country with its products and other solutions. “The legal community and law enforcement agencies are overloaded with work and it is difficult for them to understand the complexities of technology. Our objective has been to provide a simple solution which requires no technical know-how, to help them in their daily work,” adds Singh. SysTools provides services across a diverse range that includes data recovery, digital forensics, and cloud backup. The smart tools developed by the company are focused on business compliance and risk management. “Our aim was to develop innovative software applications that could maximize the potential of data recovery, both on-premise and on cloud, in the most intense and adverse scenario,” says Debasish Pramanik, Co-founder & CTO, SysTools Software.

Redefining Digital Investigation
One of the major challenges the digital investigator community faces today is that stored digital evidence is in a state that is not readable. SysTools has its own proprietary technology to read data from disks or files that are corrupted, unreadable, or deleted. Through its digital forensic range of software applications, the company equips investigators to forensically investigate multiple file types or databases within a secure range of processing. It focuses on providing core digital forensics solutions through products like MailXaminer and MailPro+.

MailXaminer is a comprehensive tool for digital investigators working cases where the digital evidence is in the form of emails. It covers the complete lifecycle of an investigation in a single tool, from collecting data to analysis and production of data. The tool also ensures that chain of custody is maintained and evidence is preserved throughout the investigation process. It supports more than 20 email platforms, including web-based platforms, and allows the investigator to perform multiple types of search to aid the investigation. Another product in the SysTools portfolio is MailPro+, which combines an email viewer with advanced email recovery algorithms to support the scanning and analysis of email data from an extensive variety of desktop-based email clients and server mail storage.

By providing simple and easy-to-use solutions, SysTools aims to ensure that its tools are among the top three tools that any digital investigator or firm needs to have.


Acquiring the evidence lawfully
One of the leading manufacturers of software products recently came across a software piracy issue in an Asian country and reported the matter to the investigating agency in that country. Based on the initial report, the law enforcement agency caught the offender and seized various electronic artifacts such as a laptop, workstation, hard disk and external drive. Further investigation of the offender found that his modus operandi was to use hundreds of email accounts created on a popular webmail provider. The offender would use one of these accounts to negotiate the deal with his customers.

The challenge faced by the investigating agency was how the evidence stored as email within those hundreds of accounts could be acquired in a manner accepted by a court of law. SysTools MailXaminer came to the rescue of the investigating agency by supporting acquisition of emails from webmail along with their various meta information (which is required from a legal perspective). Once the emails were acquired, it provided powerful search capabilities, including regular expression, fuzzy search, stem search and proximity search techniques, to search on various keywords suggested by the investigating agency's legal attorney. It then allowed the selected evidence to be reviewed by the legal attorney to narrow down the evidence.