Belkasoft Incident Investigations is a tool for digital incident investigations, aimed at incident response professionals working in a corporate environment. The product helps identify traces left by malware and hacking attempts on a Windows computer.
Key Features
• Detect suspicious traces in the most typical locations, including registries, event logs and lesser-known files
• Determine how malicious code persisted in the system by analyzing services, scheduled tasks, WMI subscriptions, AppInit DLLs and so on
• Learn how and when malware was executed by examining various artifacts such as Amcache, Shimcache, Syscache, BAM and DAM
• Extract remote connection details, including IP addresses and timestamps, for RDP and TeamViewer
• Find the potential initial attack vector by analyzing recently opened documents and browser links, latest downloads and so on
• Search inside extracted information, bookmark important data and create reports in multiple formats
Why Should You Consider Belkasoft N?
Use Cases:
Endpoint attacks, malicious email activity, anomalous user activity, remote access attacks, correlation of attacks with known vulnerabilities.