.png%3Falt%3Dmedia%26token%3D3c56f135-f35f-4b1d-ad36-dca78b5c9823)
.png%3Falt%3Dmedia%26token%3D3c56f135-f35f-4b1d-ad36-dca78b5c9823)
Timeline
How to create timelines for your investigations?
Timelining has been one of the most critical parts of Digital Forensic investigations while also being the most time-consuming part.
The traditional way of creating timelines is collecting evidence, parsing them, and combining the results using CSV files.
AIR comes to the rescue for solving this problem. With only a few clicks, you can easily create timelines for multiple endpoints in parallel and see the results on a collaborative, web-based user interface in which you can tag/flag each piece of evidence.
Timelines can be created from a single endpoint and can be easily enriched using additional evidence such as:
- Additional Endpoints
- CSV Files
- Milestones
- Off-Network Acquisitions
All the flagged/tagged evidence is listed in the "Flagged" section that makes it easy to create reports before finalizing an investigation.
Last modified 1yr ago