February 25, 2008

Guidance Software Announces New Capabilities for EnCase(R) Information Assurance to Further Address Government Cyber Security Challenges

PASADENA, Calif., Feb 25, 2008 (BUSINESS WIRE) -- With intrusion attempts from terrorists, spies and hackers at an all-time high worldwide and the White House proposing more than $6 billion in funding to protect government networks, Guidance Software, the World Leader in Digital Investigations(TM), today announced new capabilities that allow federal agencies to identify, assess and remediate policy violations and vulnerabilities across the network. These capabilities are part of Guidance Software's EnCase(R) Information Assurance solution which is designed for government agencies to protect networks, detect and successfully react to information attacks, and remediate sensitive data leakage. Guidance Software also unveiled the EnCase Bit9 Analyzer, a new product that allows federal agencies to determine the threat level of files and running processes on their networks.

Guidance Software's EnCase Information Assurance solution automates crucial Information Assurance processes, such as classified spillage auditing, auditing of system processes, incident response and even remediation. It enables government agencies to scan thousands of nodes at unprecedented speeds, understand at the deepest level what is stored or occurring on machines, and if necessary, remediate improper activity without disrupting operations. With EnCase Information Assurance, government agencies can experience significant cost and time savings and enable compliance with critical mandates, such as FISMA and DCID 6/3.

New capabilities for EnCase Information Assurance include:

-- System Audit and Compliance: This solution employs powerful forensic search and volatile data analysis capabilities to find potential threats on a system so that agencies are confident of the contents of their information assets and can identify deviations from known baselines. If unknown processes or malicious binaries are identified, users can--from a central location and without disruption to the end-system--remove the unknown or malicious programs from those computers.

-- Vulnerability and Threat Assessment: This solution allows agencies to, from a central location without business disruption, assess and prove systems meet security standards as dictated by the DISA Security Technical Implementation Guides. It allows agencies to automatically and repeatedly assess their entire network to compare each machine to IAVA vulnerabilities and generate reports that detail if machines are in compliance and identify vulnerabilities if they are not.

These new capabilities, combined with the functionality already present in EnCase Information Assurance, offer a powerful solution for government agencies to support their defense-in-depth strategies. They complement:

-- Data Audit and Compliance: This solution allows government agencies to conduct powerful network-enabled, targeted audits for data, such as classified spillage, without further contaminating the network. It allows users to proactively or reactively search for, identify and remediate classified data spills and confidential data leakage of any kind, including personal identifiable information and other sensitive types of data. Search criteria can include file type, file signature, keywords, metadata, hash values, and custodians.

-- Automated Incident Response: This solution automates computer-related incident response and analysis across the entire network and integrates with security information management systems. When an alert meets predefined response criteria, the solution automatically takes a snapshot of the volatile data contained on target nodes, collecting and analyzing relevant incident response data. Each response is automatically triaged to confirm the event is real. If malicious or unknown activity is identified, the results are displayed in a user-friendly web portal or emailed out to provide the information needed to confirm or deny an event took place. Furthermore, the solution has the ability to reach across the network and thoroughly remediate the issue.

Guidance Software is also proud to announce the availability of the EnCase Bit9 Analyzer, a product that can be added to enhance EnCase Information Assurance to extend the latest in software identification and authentication by leveraging Bit9--the world's largest database of "hash values," which identifies files as good, bad, or unknown--to determine the trust level of files and processes on the agencies systems in support of investigations, compliance checks and audits. The EnCase Bit9 Analyzer also integrates with Guidance Software's EnCase Enterprise platform to support its ability to search, collect, preserve, analyze, and report on large amounts of data in an organization.

"Federal CIOs are faced with the constant challenge of responding to sensitive information leaks, as well as a broad range of threats, including hacking attacks and foreign intelligence activities," said Victor Limongelli, President and CEO of Guidance Software. "CIOs also need to ensure adherence with standards, regulations and best practices as defined by FISMA, NIST and IAVA. Guidance Software's EnCase Information Assurance product helps organizations address these threats and regulations, while reducing operational costs and improving response time."

Guidance Software's launch of EnCase Information Assurance in 2007 followed a decade of leadership in digital investigation solutions for law enforcement and government agencies, as well as a successful expansion into the enterprise. Its EnCase Enterprise product is used by more than 100 of the Fortune 500 and over half of the Fortune 50. Guidance Software has also built an impressive list of government agency clients for its EnCase solutions, including the FBI, SEC, State Department, Department of Justice, Department of Defense, and others.

About Guidance Software (GUID)

Guidance Software is recognized worldwide as the industry leader in digital investigative solutions. Its EnCase(r) platform provides the foundation for government, corporate and law enforcement organizations to conduct thorough, network-enabled, and court-validated computer investigations of any kind, such as responding to eDiscovery requests, conducting internal investigations, responding to regulatory inquiries or performing data and compliance auditing -- all while maintaining the integrity of the data. There are more than 20,000 licensed users of the EnCase technology worldwide, and thousands attend Guidance Software's renowned training programs annually. Validated by numerous courts, corporate legal departments, government agencies and law enforcement organizations worldwide, EnCase is also frequently honored with industry awards and recognition from eWEEK, SC Magazine, Network Computing, and the Socha-Gelbmann survey.


SOURCE: Guidance Software

Guidance Software
Ed Essa, 626-229-9191, x247

Copyright Business Wire 2008

News Provided by COMTEX

Close window | Back to top

Copyright 2018 Guidance Software, Inc.