Why Digital Witness?

Criminals no longer use telco voice and messaging networks and over 90% of criminal internet traffic is encrypted. Free OTT voice and messaging services provide no useful data to a forensics analyst and many law enforcement agencies (LEAs) have stopped using data warrants altogether. Better solutions are needed to protect law-abiding citizens.

Digital Witness Image 1

What can LEAs do?

Online criminal activity leaves digital clues. With the right tool, crucial network forensics metadata can be extracted while still maintaining privacy. During a criminal investigation, the applications and devices being used by a suspect, and with whom a suspect is communicating, can determine whether or not to pursue an arrest. The time to transition data to evidence needs to be very short, and a system that can report network forensics details is crucial.

Digital Witness Image 2


Digital Witness: The next generation of network forensics

Digital Witness is a revolutionary solution designed to help LEAs extract clues from network data by classifying and correlating encrypted traffic with patented accuracy. LEAs can apply Digital Witness to warranted lawful intercepts of mobile or broadband traffic to gain application forensics data in near real time. This data can be presented in a summary or detailed view for analysis.

Digital Witness Image 3


VoIP Forensics
VoIP Forensics leverages the identification of hundreds of VoIP applications used on the internet today to determine what communication applications are being utilized by suspects and correlated calls between groups of suspects under a warrant. 
Messaging and File Exchange Forensics
Messaging and File Exchange Forensics reveals the file exchanges and messaging contacts regularly used by a suspect and correlated calls between groups of suspects under a warrant. 
Application Forensics
Application Forensics reveals a massive amount of data on the internet and lifestyle activity of a user, including details like devices used, email services, social media, car driven, content categories, and even countries communicated with, all of which may provide leads in a stalled case.
Cryptocurrency Forensics
Cryptocurrency Forensics focuses on a suspect’s interaction with cryptocurrency mining and online wallets. Cryptocurrency activity can be mapped against public blockchain ledgers to determine if a suspect could be behind a number of cryptocurrency identities using Bitcoin, Etherum, or other common cryptocurrencies.
Social Media Forensics
Social Media Forensics correlates Social Media Upload records to compare with online posts – matching time, size, and the specific social media service to the suspect behind anonymous social media accounts.
VPN Forensics
VPN Forensics shines a light on the VPN activities of a suspect, highlighting the specific VPN services or technologies being used by suspects and potentially correlating VPN activity with other suspects. Behavior analysis is also used on VPN traffic to determine if VoIP calls or large file transfers are occurring with the VPN.