Getting to grips with EnCase

EnCase

I am currently in the middle of my first project using EnCase (http://en.wikipedia.org/wiki/EnCase), one of the leading computer forensic tools in the industry. It is a very in-depth tool, so it took some time to get used to all the features, to enable me to find all the evidence in the case study. Writing my first report has proven difficult so far, getting all the evidence collated in an orderly manner and making the explanation coherent. In the last few days it has been coming together nicely. Many other people on my course are talking about the same subject, around this last week more people have commented that they are getting the hang of it. 

EnCase does seem a little bit unstable on the university computers, it is better on my laptop, with the screen going white for extended periods of time while it is working hard. It is apparent that EnCase does have some security flaws, which people are bound to exploit if they are committing illegal activities, hopefully Guidance software continue to work hard at plugging the gaps and remain top of the forensic tools.

The University have very good access to forensic tools, accessed through a virtual machine to a "Forensic Caddy", this allows us to change the time and date settings without permanent damage. It is really important that we get to use the tools first hand, and get to know how to use them. This will hopefully help when trying to secure work after university as experience is now key in the job market.