Morning All,

EnCase are launching a new product called EnCase Portable. Its a USB Data gathering tool, so you basically plug and go. I havent seen it for myself yet but I assume its similar to the Microsoft Cofee offering to law enforcement, although the EnCase version wont be free. So plug the device into the machine (boot depending on the situation) and then select the information you need from the menu, and away goes the tool.

I have posted a little bit of information, with a video on my blog if you want a looksee.

EnCase Portable kit includes:

    * 4GB USB drive with EnCase Portable preinstalled
    * 16GB drive for additional storage
    * 4 port USB hub
    * EnCase Portable security key
    * User guide
    * EnCase Portable installation CD
    * Carrying Case
Key Features

    * Plug in and collect data immediately
    * Enable novice computer users to be data collectors in matter of minutes
    * Acquire data anywhere with EnCase Portable’s pocket-sized kit
    * Search and collect cyber-intelligence without leaving a trace
    * Store collected data in the forensically sound, court-validated EnCase® Logical Evidence File format
    * Capture data from running or powered-off systems
    * Customize search and collection jobs to create and configure more complex search criteria
    * Easily install EnCase Portable on any USB drive

I think this is a good thing, in that any old Tom, Dick or Harry in the field can be sent out to carry out data collection with little training, and no software experiance and then send back to the lab for the real work to be done.
I am sure people will be sceptical, and questions needs to be answered, but I think we will see similar offerings from other vendors in the future.

Guess I will have a closer look at it, thanks for the info.

Searched some time ago for the mentioned coffee but it looks like there is hardly a possibility to get it as a private person. Would love to get my hands on it tough.

Good to know, thanks.

Just curious but has someone hands-on experience with coffee and could supply some more information as already available? Don't know if this is allowed or not though.

I just got my ENCASE Portable. I have not used it just yet, but as soon as I do, I will post here.  It is a really neet, slim pack, and I am excited to see exactly how it performs.

Just a quick update, I have had a little look at WOLF / COFEE and it does seem a good tool. I am not sure if its the same version that has been given to the police forces etc, but there did seem to be some issues around running it with the appropriate priv's, it also needed access to the logged in system and I am not to sure this was the original goal.

Obviously as this a Microsoft internal tool, support outside is limited.

@dalepearson: Is WOLF the same as COFFEE? Did a quick search and couldn't find much information about it.
May I ask where you could test it? Would be very interested to test it out as well.

Thanks for clarification. Didn't came across WOLF before.

May I ask where you had the chance to test it? Just curious.