IREC Evidence Types

Our proprietary IREC forensic evidence collection engine is by far the most comprehensive DFIR tool currently available. 

  • More than 120 different evidence types collected in less than 10 minutes
  • RFC 3161 compliant Timestamping (first and only tool in the market)
  • Evidence SHIELDing against Ransomware (first and only tool in the market)

A full list of the current evidence collected is below.

Evidence List

system evidence types
disk evidence types
memory evidence types
browser evidence types
ntfs evidence types
registry evidence types
network evidence types
event logs evidence types
wmi evidence types
Process Execution evidence types
other evidence types

Artefacts List

server artifacts
microsoft applications artifacts
communications artifacts
social artifacts
productivity artifacts
utility artifacts
developer tools artifacts
cloud artifacts