Forensics Timeline Analyser
Collection and organisation of digital evidence can be a cumbersome task which requires lots of time and effort. Moreover, sorting the evidence by time makes the task even harder, but gives great value to a digital investigation. Examining actions and events happening at the same time or around the same time can potentially unveil valuable information and help investigators spot evidence patterns and hidden relationships that can lead to the root cause of an incident faster.
Our Forensic Timeline Analyser provides an intuitive and effective way to organise and visualise digital evidence in an interactive timeline, which unlocks time inspection capabilities and reveals temporal relationships and activity patterns. The Analyser can be plugged into existing security and monitoring software, e.g. SIEM solutions, Nagios, Zabbix, Snort, etc., and offer an extensive timeline representation of events, logs and measurements. Moreover, it can be used to enhance more traditional forensic analysis methods: users can create their own timeline by manually inserting the events and milestones of a forensic investigation and view them on an online timeline visualisation, which can be shared and therefore foster teamwork during the investigation.