© Trufflepig Forensics

Cyber crime is now the order of the day. Many companies and individuals have been victims of a cyber attack at some point. Increasing networking on various end devices such as laptops, tablets or smartphones and the expansion of mobile working means that the gateway for cyber criminals is becoming easier and easier. At the same time, preventing and tracking cybercrime is becoming more difficult for businesses and law enforcement agencies.

The startup Trufflepig Forensics would like to change this with the development of an innovative analysis platform to support IT forensics. The technology supports incident response teams in companies as well as law enforcement authorities.

The task is  to react quickly and reliably to identify threats and in collecting important evidence to  convict the cyber criminals.

The software can be used in any industry and has been supported by the BMBF's StartUpSecure funding program since January 1st with a total volume of around 0.77 million euros.

“By evaluating the working memory of various end devices, many important insights into the defense and attacks of cyber criminals can be obtained. At the moment, however, the experts need many different tools for this, which is why the process is still very complex and time-consuming. Our solution should change that. We have developed a new type of tool for memory analysis that bundles the number of necessary work steps and thus significantly reduces them. At the same time, the platform enables a reliable evaluation of the memory image of devices and a court-proof logging, ”explains Aaron Hartel, CEO of Trufflepig Forensics.

With the support of the funding program in funding phase II, the team would now like to continuously develop the solution and gain the first users in the field of law enforcement and in companies. The startup also aims to test the application internationally.

The start-up incubator of the same name, StartUpSecure | ATHENE, based at the Fraunhofer Institute for Secure Information Technology SIT and at the Technical University of Darmstadt, provided intensive support and advice to the founding team with their technical and economic expertise.

Memory analysis reveals cyber crime and repels attacks

With the help of memory forensics, law enforcement authorities can secure important evidence in the context of investigations and use it in court.

With the help of the memory analysis, the so-called incident response teams in companies are also enabled to determine the exact extent of the damage after data-related incidents such as malware attacks, to initiate effective countermeasures and to document the events.

Due to the large number of different technical systems to be evaluated, many different tools are currently still required. The Trufflepig Forensics solution combines a multitude of analysis options on a single memory analysis platform. The startup reduces the complexity by linking different data sources or comparing the images of several systems.

The speed of the evaluation can be increased significantly through innovative elements, such as the fully automated analysis of the main memory of different operating systems. An intuitive graphical user interface enables users without in-depth system knowledge to carry out a comprehensive memory analysis.

A cryptographically secured reporting system with strict access rights management also protects the analysis results from subsequent manipulation, so that ideally the personal appearance of the expert in court is superfluous.

For the future, the startup has decided to sell the software solution in different versions depending on the needs of the user. In addition, services such as training on software and services on request should be possible in order to successfully introduce the solution to the target group