OpenText Forensic is used primarily for analyzing devices from defense departments on both Linux and Windows PCs. I use OpenText Forensic to extract more data from seized devices compared to other tools. In comparison with Magnet AXIOM, EnCase, and other alternatives, OpenText Forensic consistently provides more data. I begin analysis with all on-premises cases that involve ransomware attacks or data exfiltration-related incidents. Additionally, I frequently use OpenText Forensic for validation purposes and to compare data with other tools.
Digital investigations have become faster and uncover more evidence across complex cases
What is our primary use case?
What is most valuable?
OpenText Forensic offers excellent features, including a very user-friendly interface that allows me to find data in a systematic way. The questionnaire provided from the client side generates answers on the dashboards, which means there is no requirement to conduct deep analysis to search for that information. Therefore, OpenText Forensic is my first choice to start the analysis of any case.
OpenText Forensic has proven to be very helpful when I correlate data, which significantly improves my daily workflow. Timeline analysis has been particularly useful, as the information recovered from slack space data provided valuable insights.
OpenText Forensic takes less time compared to other tools when parsing emails and logs, which is especially helpful when there are time-critical requirements.
OpenText Forensic has positively impacted my organization. When new investigators are recruited, they gain access to OpenText Forensic and quickly become comfortable with the tool, using it frequently for investigations. The amount of data recovered and extracted from OpenText Forensic is significantly larger compared to other tools.
OpenText Forensic demonstrates excellent speed with no system hanging issues. The tool is user-friendly, and the data recovery and extraction capabilities are superior to other tools, helping me obtain the answers needed for investigations.
What needs improvement?
OpenText Forensic could enhance several features. After completing investigations, data must be exported to another drive, and case management solutions are needed to handle the data. Implementing improved case management features within OpenText Forensic would allow quick access to previous cases. While some case management capabilities already exist, these features could be significantly improved.
Regarding OpenText Forensic's AI capabilities, governance and security should be the first priority for improvement. Although substantial progress has been made, further enhancement is possible.
I cannot fully rely on OpenText Forensic's AI for forensic investigations, but it does help accelerate the investigation process. However, investigations typically must be started manually because risks cannot be taken in forensic cases.
Additional features similar to IR-related tools such as Falcon EDR could be incorporated to enable more accurate correlation of data, particularly in malware analysis. Overall, OpenText Forensic is already at a good stage, and smart device analysis could also be improved.
For how long have I used the solution?
I have been working in my current field for fifteen years.
What do I think about the stability of the solution?
OpenText Forensic is stable.
What do I think about the scalability of the solution?
OpenText Forensic's scalability is good. I do not see issues with handling increasing workloads, whereas other tools such as EnCase experience performance issues, lagging, and system hanging.
How are customer service and support?
I am in touch with several individuals who possess strong technical knowledge and provide real-time support whenever required. I am satisfied with the technical teams of OpenText Forensic. I would rate OpenText Forensic customer support ten out of ten.
Which solution did I use previously and why did I switch?
Multiple solutions are used because investigating a case requires several tools. I use OpenText Forensic in parallel with Magnet AXIOM and EnCase, and these three tools are typically used for any investigations. OpenText Forensic is my first choice, followed by the other tools.
What was our ROI?
OpenText Forensic provides significant return on investment. The tool is very helpful in saving money compared to other tools, and it also saves time for my organization.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, setup cost, and licensing for OpenText Forensic, I typically purchase the tool through third-party vendors and receive support from both the OEM team and the vendor side. For licensing, I prefer a minimum three-year license, and the cost of this forensic tool is not overwhelming and remains within budget.
Which other solutions did I evaluate?
When evaluating difficulties with OpenText Forensic, I assessed other options such as Magnet AXIOM, which also offers a good dashboard similar to OpenText Forensic.
What other advice do I have?
I would recommend OpenText Forensic to others because of its user-friendly interface for investigators, which is very helpful in any investigation, including very large file images. I feel comfortable investigating terabyte-sized data with this tool. OpenText Forensic has proven to be very helpful. Regarding smart devices, I found OpenText Forensic is not as effective compared to one or more alternatives, so improvement in that area would be beneficial. I rate this product nine out of ten overall.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
