TOP 10

MOST
UNDERRATED

FTK ®

F E AT U R E S
 Package up your data and
1 send to a detective with
portable case—
Export your data into a portable case for
offline review. No need to spend time
generating reports that can only be viewed in
a couple of different formats. Portable case
makes your life easier with a quick export.
Also, labels and bookmarks created by the
reviewers are synced back to the original case.

A simple uncluttered
2 review platform with
multi-case functionality—
Enjoy a simple, intuitive and customizable,
panels-driven review interface. This interface
is designed with the reviewer in mind,
utilizing multi-case functionality such as
tagging, searching, labeling and bookmarking
across multiple cases. And, easy mobile chat
application and multimedia review, along with
similar face and image detection are all backed
by a unified database.

2 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com

 Enhanced system
3 summary—
No more manual searching through registry
files to find relevant data. FTK 7.4.2
introduced parsing support for AmCache
registry files, SRUM artifacts, Windows
timeline events and more. Not only that,
but you can also label, bookmark and export
individual objects to easily search, filter,
and report.

Volatile data differentials—

4 Perform differential analysis on volatile
data to see changes over time and facilitate
identification of potential threats. And,
with the latest update of Volatility users
can perform memory acquisitions as well as
analysis from the latest Windows OS including
Windows 10 and Windows server 2019.

3 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com

 Automate processes with
5 Python abilities—
Invoke and utilize the capabilities of Python
scripting directly from within the interface,
which keeps all the data in one location
and reduces the risk of spoliation. Python
scripting provides two key advantages.
First, it can be used as a custom parser for
non-supported data and applications, which
eliminates manual processes used previously
for non-supported data. Second, it can be
used to create custom reports to easily
present complex information and analysis to
non-technical stakeholders like attorneys or
prosecutors.

Automate forensic
6 collection and processing—
The available API automates time-intensive
investigative workflows and enables a secure
connection between your cyber platform and
FTK Enterprise. If the cybersecurity software
detects an attack, it sends an alert that is
received by the software, which initiates a
collection job at a designated endpoint based
on pre-defined collection criteria.

4 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com

 Preview and filter live
7 data at the endpoint—
Take a live look at the data on the endpoint,
filter and pull back only the data relevant to
your investigation saving time and cost.

Detect potential malware

8 using URL analysis and
parsing capabilities—
Get a head start on your investigation with
URL detection and parsing capabilities across
devices, without regard to browser, now
neatly organized under one section so that
you can easily review the data and connect
the dots in your investigation.

5 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com

 New processing options
9 Get to the web activity that matters most,
quickly with pre-filtered web page categories.
Web artifacts will be grouped into categories
such as social media, mapping, adult, and
much more! Use Facial and Item recognition
to automatically locate images containing
that content. The chat application parser
will display mobile chat data, allowing users
to create clear reports of communications
between individuals, groups, or cross
applications.

Quality of life
10 improvements—
Enhancements like faster item list loading,
automatic column switching, new columns,
columns organization and parsing will
help you move through the tool easier
and more efficiently so you can find the
evidence quicker.

6 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com

 CONCLUSION
Exterro is committed to investing in and modernizing FTK,
with the more robust features users have been asking for, while
injecting powerful new technology to deliver the future of
forensics within the tool users already know and trust.

For more than 30 years, FTK has pioneered forensic

investigations and we are proud to be the only American
owned and operated forensic company in the industry.

Turn to the FTK product family when you need the gold standard in forensic
investigation tools. The FTK portfolio will transform the investigative
environment, empowering users with pioneering tools so that they can get
access to evidence faster and help uncover more relevant findings when
processing and analyzing data, while understanding connections that could
sharpen focus and direction.

GET A DEMO

7 Top 10 Most Underrated FTK Features © 2021 Exterro, Inc. // exterro.com