European Federal Police Agency Becomes a Processing Powerhouse with FTK® Lab
When faced with large-scale investigations, law enforcement agencies turn to FTK Lab to divide and conquer massive data sets in a collaborative, scalable environment. FTK Lab quickly gets evidence into the hands of investigators to solve cases and secure indictments faster.
Some cases produce such massive amounts of data that they overwhelm existing equipment. FTK Lab can provide more power when needed by utilizing multiple machines and distributing the processing load across an entire server farm, not just a single piece of hardware.
A centralized processing farm with up to 16x distributed processing engine (DPE) capabilities can cut through large data sets in just hours vs. days. In addition to speeding up data analysis, FTK Lab can also improve reliability by using a system with redundant processing in the event of hardware or software failure and glitches.
7 Terabytes of Data Processed in Less Than 2 Hours
One European police agency was able to produce astounding processing and indexing results with their distributed setup of FTK Lab. The agency configured one Distributed Processing Manager (DPM) to manage 11 Distributed Processing Engines (DPEs), thus distributing the processing power across 11 pieces of hardware for lightning-fast results.
Each of the 11 DPEs was also enterprise-grade hardware, designed specifically for superior processing performance. Solid state drives (SSDs) are known to be faster and more durable than hard drives, and Xeon Gold CPUs are optimized for heavy workloads and offer high scalability. With 128 GB of RAM per machine, they also deliver peak processing speeds. With this configuration, the agency processed 7 terabytes of data from a Mac image, including a backup folder and several PST email files, in only 1 hour and 40 minutes. When including indexing, the 7 TB was completed in less than 12 hours (11 hours and 44 minutes).
“FTK Lab has gone through the data like a wildfire and we are very happy about it.”– Digital Crimes Investigation Unit
Additional Features of FTK Lab
Real-Time Collaboration
Centralized architecture and one shared case database keep all parties on the same page. With its web-based review system, non-technical users such as attorneys and outside experts can participate in the process without delay, regardless of their location.
Role Assignment
Allow each user to access only the data relevant to their part of the investigation. Dividing the evidence creates a more efficient and secure workflow, so you can bring in non-technical users without worrying about the data being compromised.
Mac® Investigations
Perform Mac investigations like never before with parsing support for Apple® Mail, iMessage®, iWork®, Safari®, Outlook® for Mac email, and Mac artifacts like Spotlight®. Plus, process AFF4 images 10x faster than the competition!
AI-based Video Recognition
Eliminate hours of manual video review by leveraging AI to automatically identify and flag key points of interest such as knives, guns, blood or other preconfigured categories.
Facial & Image Recognition
Train your system to look for specific individuals or find objects within images and then filter your results to look only at those pictures. Speed up investigations and draw connections without looking through every image or thumbnail. Minimize interaction with explicit CSAM images during forensic review with Project Vic and CAID integration to help protect the investigators who protect the most vulnerable.
Internet Browser and Web-Based Email Evidence
Almost every investigation involves the analysis of Internet artifacts. Web-browsing caches store records of sites a suspect has visited, web-based emails may help to prove intent or correlate other events, and instant message conversations or social media sites can contain evidence. FTK Lab groups URL search history from all browsers in one section, organized by date, time, and category (e.g., Adult, Chat, Dark Web, News, etc.)
Flexible Cloud Deployment
FTK Lab can even be easily deployed in a cloud environment like AWS or Azure to scale your environment, control costs, and save on hardware. Pay only for what you use with reliable cloud processing and storage — just bring your own license to the marketplace.
Integrated Offline Language Translation
Collect, process, translate, and review cross-border investigations and multilingual data sets in one forensic platform, saving time and money on contextual translation services.
OCR Processing Powered by ABBYY®
Virtually eliminate retyping and reformatting with new precision document conversion capabilities by ABBYY OCR and its unmatched text recognition, accuracy and speed.
