Select Page

Triage Investigator

Home » Computer Forensics » Software » ADF Solutions » Triage Investigator

Rapid Evidence Collection, Analysis & Reporting

Triage-Investigator® is ADF’s award-winning intelligent forensic triage tool designed for field deployment. The software has a proven track record of providing easy and quick access to court defendable evidence to process cases and leveraging investigators to assist forensic labs with the rapid collection, analysis, reporting, and managing digital backlogs.

Triage-Investigator® is easy-to-use, easily configurable, supports a wide array of computer hardware, has powerful boot capabilities, is forensically sound, and comes with technical support and regular upgrades.

Features Include

  • Automated / Easy-to-Learn with Pre-set Scans
  • Rapid Artifact & File Collection with Out-of-the-Box Forensic Scans
  • Highly Configurable to Build Your Case
  • Standalone Report Viewer (share with prosecutors!)
  • Should be deployed with at least 1 copy of Digital Evidence Investigator® software
  • Simple multi-workstation deployment with a single configuration file (new: version 5.1.0)
  • ADD-ON: Rosoka Entity Extraction and Language Translation Gisting (230 languages) available

    Request a Quote

    Product Code:


    First Name:

    Last Name:

    Email:

    Phone:

    Company Name:

    Shipping Address:

    City:

    Country:

    Postal Code:

    Ask a Question


    Available Products

    Triage Investigator

    Forensic Kit with 1 Year Subscription
    Product Code: AP-ADF-NEW-TINV-1YR

    Triage Investigator

    Forensic Kit with 1 Year Subscription
    Product Code: AP-ADF-NEW-TINV-3YR

    Triage Investigator

    1 Year Subscription Maintenance and Support Renewal
    Product Code: AR-ADF-REN-TRINV-1YR

    Triage Investigator

    3 Year Subscription Maintenance and Support Renewal
    Product Code: AR-ADF-REN-TRINV-3YR

    TRIAGE INVESTIGATOR SOFTWARE KEY FEATURES

    Empower field investigators with pre-set scans for automated on-scene collection and analysis.
    Control Your Field Investigators Rapid Collection Capabilities with DEI and Triage-InvestigatorⓇ

    Collect

    Empower non-technical field investigators with ADF’s fully automated, forensically sound, intelligent and highly configurable artifact and file collection software to start solving crimes on-scene.  

    • Easy-to-use and deploy with minimal training
    • Highly configurable artifact and file collection including web browser cached files, social media, P2P, Cryptocurrency, cloud storage, user login events, anti-forensic traces, saved credentials, files shared via Skype, USB history, user connection log, etc.
    • Recover deleted records from apps using the SQLite database (new: version 5.1.0)
    • Supports collection of forensic artifacts from Windows and macOS (including High Sierra and Mojave)
    • Search and collect emails including MS Outlook, Windows Mail, Windows Live Mail 10, Apple Mail
    • Investigate attached devices, live powered on computers, boot scans from powered off computers, forensic images, the contents of folders and network shares (including shares made available by NAS devices)
    • Enter keywords just before a live/boot scan (new: version 5.1.0)
    • Rapidly search suspect media using large hash sets (>100 million), including Project VIC and CAID
    • Find relevant files and artifacts using DEI’s powerful keyword and regular expression search capability
    • Image drives Out-of-the-box with image verification and imaging log file
    • Recover images from unallocated drive space
    • Use password and recovery key to decrypt and scan or image BitLocker volumes including those using the new AES-XTS encryption algorithm introduced in Windows 10
    • Process APFS partitions, NTFS, FAT, HFS+, EXT, ExFAT, and YAFFS2 file systems, compute MD5 and SHA1 on collected files for integrity validation
    • Collect password protected and corrupted files for later review
    • Collect iOS backups on target computers
    • Detect and warn of BitLocker and FileVault2 protected drives
    • Leverage powerful boot capability (including UEFI secure boot and Macs) to access internal storage that cannot easily be removed from computers

    Analyze

    • Use the single timeline view that combines files and artifact records with a user’s actions.
    • View results while a scan is running
    • Filter search results with sorting and search capabilities (dates, hash values, tags, text filters, more)
    • View pictures and videos organized by visual classes such as people, faces, currency, weapons, vehicles, indecent pictures of children
    • View links between files of interest and user’s activities such as recently access files, downloaded files, attachments, and more
    • Inspect video using the comprehensive video preview and frame extraction
    • Automatically tag hash and keyword matches
    • Define new file types and select individual ones to be processed
    • Display provenance, including comprehensive metadata, of all relevant files and artifacts
    • ADD-ON: Rosoka Entity Extraction and Language Translation Gisting (230 languages) available

    REPORT

    Triage-InvestigatorⓇ lets you create a standalone portable viewer for further analysis and reporting for prosecutors and other investigators.

    • Powerful reporting capabilities (HTML, PDF, CSV)
    • Export in VICS format