AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime
Security | Mar 9, 2015
Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics/digital investigation capabilities. Malware analysis is also a critical part of digital investigation: to prove or disprove a "Trojan defense" for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.
The AMP Threat Grid for Law Enforcement program is designed for state and local agencies with fewer than 1,000 sworn officers. In the United States, this encompasses more than 99.5 percent of law-enforcement agencies. Once empowered with AMP Threat Grid, within seconds of a threat-intelligence query or within a few minutes of submitting a suspicious file or URL for analysis, an investigator will have the ability to view and download an easy-to-read and comprehensive report detailing the actual behavior of the submitted file, including changes to the file system, registry, command-and-control communication, downloads, code injection, and other malicious activity.
- Two portal user accounts per agency
- Up to five samples (of suspicious files or computer programs) or URLs submitted per day, per user, for analysis through the portal or via the API integration with EnCase Forensic
- Unlimited sample queries through the portal or via the API integration with EnCase Forensic, including file hash values, IP addresses, domains, registry keys, and file paths
- The AMP Threat Grid Malware Analysis and Intelligence for EnCase EnScript and installation guide, training manual and video, and EnCase Forensic case template
- Access to regularly scheduled law enforcement-only WebEx sessions for training and peer discussion