Government Modernizing Software Forensics Database

November 18, 2011
Cyber Security, Education, FedCyber Wire
No Comment

A U.S. government database of popular software files is being modernized to keep up with advancements in digital forensics and e-discovery collection processes.

By comparing the database to the files found on a real-world computer, experts can determine which files should be examined for evidence or preserved for legal holds, and which can safely be deleted or ignored. The more accurate the database, the faster, less expensive, and more efficient the process can become.

The database is updated every three months and is maintained by four full-time employees, along with college students, at the National Institute of Standards and Technology’s National Software Reference Library in Gaithersburg, Md. “We have shelves full of the original media, almost 12,000 applications now. We take forensic-quality copies of the media and store them on a SAN,” project leader Douglas White explained, referring to unalterable images of vendors’ original files being saved on a business-class data storage network.

A version due in December will be noteworthy for adding Microsoft Office 2010 files, White said. Demand for that program became so important that White’s team stopped other work, refocused on Office 2010, and started over, he explained.

via Law Technology News, continued here.