Belkasoft Evidence Center 9.5 Aims to Help in Corporate Investigations

Belkasoft Evidence Center 9.5 Aims to Help in Corporate Investigations
Palo Alto, CA, April 18, 2019 --( Belkasoft releases a major update to Belkasoft Evidence Center, the company’s flagship digital forensic solution. The new release adds a number of features to help IT security staff analyze incidents and perform remote investigations, investigate hacking attempts and analyze evidence across case boundaries. With this update, Belkasoft Evidence Center aims to help companies investigate incidents occurred on their corporate network or corporate mobile devices.

Remote Acquisition of Corporate Computers
Belkasoft Evidence Center 9.5 adds a major new feature to enable IT security personnel investigate incidents without leaving premises. Remote acquisition helps investigators obtain full device images of corporate servers or workstations running in a distributed environment. By using centralized deployment, IT security staff may install an acquisition agent to any computer running on the corporate network. This agent will then obtain full images of the computer’s volatile memory and hard drives without preventing normal operation and without the need to remove the hard drive(s). Whether the organization has one or multiple locations, this new feature allows non-invasive incident investigations in distributed environments.

Analyzing Hacking Attempts with Incident Investigation
Incident Investigation is another new feature that further expands how Belkasoft Evidence Center is used in corporate environments. Incident Investigation helps companies investigate hacking attempts of Windows-based computers by performing an automated analysis of numerous sources. The tool analyzes the Windows registry, event logs and memory dumps to discover traces of successful and unsuccessful remote attacks that are commonly used to break in to the company's infrastructure.

Cross-Case Analysis
Searching for, locating and analyzing evidence is a major function of Belkasoft Evidence Center. The search engine has been massively enhanced and improved in version 9.5, allowing investigators locate and link evidence across different cases. Examples of linked information may include email addresses, phone numbers, account ID’s or user profiles that may be present in the current case as well as in older cases. With this feature enabled, a cross-case search hit triggers a prominent alert in the status bar.

Mobile Acquisition and Analysis
Belkasoft Evidence Center 9.5 improves mobile acquisition and analysis by adding the ability to process and analyze Android phones’ backups made with the most popular custom recovery TWRP. TWRP images contain file system images of the entire data partition complete with all files and folders including sandboxed app space. For iOS devices, the tool can perform the full file system extraction via a jailbreak. The two features are provided via a separate Mobile Device Analysis module.

Other Improvements and Enhancements
Belkasoft Evidence Center 9.5 offers numerous performance and usability enhancements, massively improved search performance and better reporting and exporting. More information about what has been updated in version 9.5 is available at

About Belkasoft Evidence Center
Belkasoft Evidence Center is a world-renowned tool used by thousands of customers for conducting mobile, computer, RAM and cloud forensic investigations. Belkasoft Evidence Center can automatically acquire digital devices; discover, extract and analyze evidence from a wide range of sources including mobile backups and dumps, computer hard drives and disk images in all popular formats, and memory dumps. The tool can capture and analyze volatile evidence stored in the computer’s RAM, identify encrypted files, carve Internet chat logs, Web browsing history and email communications including information stored in digital pictures and videos. The ability to process office documents in a wide range of formats enables investigators to perform near-instant full-text search among all the documents discovered on the suspect’s PC.

Low-level access to hard disk and system structures means that even data that has been deleted by the suspect cannot escape from investigators. Supporting Windows, Unix/Linux, Android and macOS file systems, natively mounting images created in EnCase, FTK, X-Ways, DD and SMART formats, GreyKey, UFED and OFB images, JTAG and chip-off binary dumps, and many popular virtual machines without using these or any third-party tools, Belkasoft Evidence Center can collect more evidence than any single competing tool in its class.

Pricing and Availability
Belkasoft Evidence Center is available immediately. Prospective customers are welcome to request a quote at or download the evaluation version at

Existing customers with non-expired Software Maintenance and Support contracts can update to version 9.5 free of charge. Incident Investigations, Remote Acquisition and Cross-Case Search modules can be purchased separately.

About Belkasoft
Founded in 2002, Belkasoft is a global leader in digital forensics technology, known for their sound and comprehensive forensic tools. With a team of professionals in digital forensics, data recovery and reverse engineering, Belkasoft focuses on creating technologically advanced yet easy-to-use products for investigators and forensic experts to make their work easier, faster, and more effective.

With this focus in mind, Belkasoft introduces their flagship product, Belkasoft Evidence Center - an easy-to-use, integrated solution for collecting and analyzing digital evidence from mobile and computer devices. Customers in law enforcement, police, military, business, intelligence agencies, and forensic laboratories in 130+ countries worldwide use Belkasoft products to fight homicide, crimes against children, drug trafficking, data leakage, fraud, and other online and offline crimes.

More information about the company and its products at

Information on Belkasoft Evidence Center as well as the free demo download are available at

The complete list of additions and enhancements in the current release is available at
Belkasoft LLC
Yuri Gubanov