ATC-NY’s new forensics tool – Mem Marshal 1.0 – is a user-friendly, automated memory analysis system that assists and automates computer forensic investigations of volatile memory (RAM) images. Mem Marshal enables computer forensic investigators to analyze and effectively make use of information contained in volatile memory. Memory analysis produces important, case-relevant data for investigators that cannot be obtained from disk analysis, such as running applications, open files, and a ctive network connections.
Mem Marshal enables investigators to focus and enhance time-consuming disk analysis. It reduces investigation time by using information acquired from memory images, which can be searched and analyzed quickly. Mem Marshal follows forensic best practices and maintains a detailed log file of all activities it perform. It produces reports in RTF, PDF, and HTML formats. Mem Marshal is currently available at no cost to US law enforcement. For more information on how to obtain a free copy visit their web site at: www.memmarshal.com
Mem Marshal is part of ATC-NY’s Cyber Marshal forensics products, including P2P Marshal, Live Marshal, Mac Marshal and Router Marshal that are currently in use by US law enforcement in all 50 states to investigate cyber crimes. Visit the Cyber Marshal site at www.cybermarshal.com