US-LATT™

Have you considered the risk in traditional pull-the-plug forensics where vital volatile data such as current user activity, running processes, and memory-resident malicious code may be lost, hindering investigations?

In critical settings like server environments without hot backup, mission-critical systems, medical environments, and time-critical investigations, how do you mitigate the limitations of pull-the-plug forensics?

What methods do you have in place to preserve vital real-time information before shutting down a suspect computer system, given the complexity of today’s technological environments?

THE PROBLEM

Many traditional methods of digital evidence collection can result in the loss of volatile data, leaving gaps in the investigation and potentially failing to recover all relevant evidence.

Solution: US-LATT provides:

  • Targeted Evidence Collection: Including physical memory, screenshots, running processes, and more.
  • Versatile Application: Applicable to law enforcement, private sector, and regulatory compliance.
  • Simple Acquisition Process: Even first responders without IT background can collect evidence.
  • Urgent On-Scene Examination Capability: Analysis can begin at the scene if needed.

Benefit: US-LATT ensures a complete picture of the events that occurred on the system, preserving essential information, and enabling a more effective and efficient response.

OUR SOLUTION

Enhance Digital Investigations with US-LATT

  • Targeted Collection of Volatile Data: US-LATT recognizes and preserves critical, time-sensitive evidence that could be lost through traditional methods.
  • Comprehensive Evidence Handling: From collecting memory to taking screenshots, US-LATT provides a multifaceted approach to digital evidence gathering.
  • Quick and Efficient Triage Process: Helps DFIR teams prioritize their response, ensuring the most critical and volatile evidence is collected first.
  • Ease of Use: Designed with accessibility in mind, US-LATT accommodates users of various skill levels, from seasoned IT professionals to first responders and field personnel who may not have a background in digital forensics.
  • Versatile: US-LATT is suitable for use in a variety of settings, from law enforcement to private sector investigations and regulatory compliance.

US-LATT serves as an essential tool for digital investigations, ensuring that no vital evidence is lost, and promoting efficient and thorough analysis.

FEATURES OF US-LATT

  • Designed for live acquisition and triage of evidence.
  • Collects physical memory, screenshots, running processes, and more.
  • Includes capabilities for on-scene analysis if urgent examination is needed.
  • Simple configuration and insertion process for evidence collection.
  • Applicable to law enforcement, private sector, and regulatory compliance.
  • Enhances digital investigations by preserving essential real-time information.

Schedule a Demonstration

Click Here

US-LATT
Use Case
Law Enforcement

Click Here

US-LATT
Use Case
Corporate DFIR

Click Here
  1. Incident Response: During a suspected cyber-attack, a member of the corporate security team, or a designated first responder, could use the US-LATT device to quickly capture valuable volatile data from the affected system(s). This action can be performed even before the arrival of the specialized DFIR team, helping to preserve critical evidence that might otherwise be lost.
  2. Forensic Investigations and Audits: In cases of suspected misconduct or policy violations within the company, the DFIR team could use the US-LATT to gather evidence from the systems of the personnel involved. This could be particularly useful in cases where the systems are still operational and potentially containing volatile data of interest.
  3. Training and Empowering Select Staff: Select personnel who are part of the emergency response team or those who frequently deal with sensitive data can be trained and equipped with US-LATT. These individuals can then act promptly during an incident, capturing crucial evidence even before the specialized DFIR team steps in. This proactive approach can significantly reduce response time and enhance the chances of successful evidence collection.
  4. Critical Business Server Protection: Critical servers in corporate environments often house sensitive data and underpin essential operations. Forensic analysis that requires system shutdowns is generally not feasible due to potential disruption of operations and possible significant financial repercussions. Moreover, server shutdown could lead to loss of crucial volatile data. In such scenarios, US-LATT is a powerful tool. With US-LATT, security personnel can gather volatile data from live systems, allowing comprehensive investigations to occur without jeopardizing business continuity.
  1. Real-Time Cybercrime Investigations: US-LATT, being a USB device, can be swiftly used on any compatible system without requiring complex setup procedures. In cybercrime scenes where the criminal's computer is still running, first responders can plug in the preconfigured US-LATT to start gathering crucial evidence immediately.
  2. Immediate Scene Triage: When law enforcement officers arrive at a scene, time is often of the essence. With a preconfigured US-LATT, even non-technical officers can start gathering volatile digital evidence right away, capturing important data like screenshots, running services, active network sessions, and more.
  3. Evidence Collection for Legal Proceedings: Officers with minimal training can use US-LATT to gather data in a forensically sound manner. The tool’s inbuilt capabilities ensure that data integrity is maintained, making the evidence suitable for legal proceedings.