Due to the rise in the number of virtual operating systems in the public
and private sector, ProDiscover releases its new Virtual Machine and
Virtual Hard Disk comparison features, which will assist organizations
in identifying unauthorized system changes in an extremely efficient and
forensically sound manner.
As the use of virtual operating systems increase for mission critical
applications and servers across the enterprise, so too does the risk
that those machines will fall victim to compromise. While a virtual
environment allows mitigation of an incident to be done almost
instantly, there will still be a need to investigate what data may have
been compromised and what methods were used to gain unauthorized access.
By comparing the compromised virtual machine against its previous
snapshots, the examiner will be able to pinpoint the exact time of the
compromise and identify the hostile files.
"We are extremely excited about our latest features that will allow
an accelerated forensic examination and comparison of Virtual Machines
or Virtual Hard Disks against their snapshots. We utilized a similar
cutting edge technology that we developed to compare Volume Shadow
Copies to the live machine, and output options that allow the examiner
to conduct a temporal analysis. This software addition will help
organizations identify quickly when a compromise has occurred and what
system files were added, deleted, or modified by the hacker’s malware,”
states Anthony Reyes, CEO of The ARC Group of New York.