enterprisesecuritymag

Probity: Revolutionizing Digital Forensics

Dave Ryberg, Director of Truxton Forensics Sales, ProbityDave Ryberg, Director of Truxton Forensics Sales
The exponential growth in the volume of data seized presents one of the biggest challenges digital forensic analysts are faced with on a daily basis. The size, variety, and quantity of data involved in every investigation create a myriad of challenges at the government, corporate, and local law enforcement levels. “To effectively fight the digital forensics battle, organizations invest in dozens of specialized tools. However, the key to solving an investigation is making correlations between all of the data sources and finding a way to share it across local, regional, and national organizations,” begins Dave Ryberg, Director of Truxton Sales at Probity Inc.

Backed by a dynamic team seasoned in object-oriented design and development, enterprise search, storage management, and virtualization, Probity has proven its chops by solving big forensic data problems with a powerful combination of people, hardware, software, and expertise. The company provides engineering and related services and develops tools, networks, and systems that aim at solving problems specific to digital forensics.

In an effort to assist clients to move to the cloud, integrate across multiple systems, and collaborate effectively among local, regional, and national offices, Probity brings a revolutionary digital forensics platform— Truxton—to the table. Truxton is an agnostic, automated platform that provides customers with actionable information quickly, in one convenient place.

“Truxton represents a revolution in digital forensics,” says Ryberg. It moves away from the traditional siloed, monolithic approach of data forensics by eliminating the need to go through thousands of ‘file piles’ manually. This allows users to process vast amounts of data quickly and efficiently, providing actionable information to investigators and analysts at any location. It also enables different organizations and locations to collaborate on the same file or investigation simultaneously. This approach allows important correlation of data with both historical and concurrent investigations to be identified easier than ever before.

“The only constant in digital forensics is change. What works today may not be a viable solution tomorrow,” opines Ryberg. “That’s why we designed Truxton to be an open framework that is adaptable, allowing you to integrate new tools, hardware, and technology to keep up with the latest exploitation techniques. We know that we cannot solve every digital forensics problem on our own— so our solutions and software allow customers to leverage innovative tools and integrate them into our product without requiring proprietary code,” he explains.

The key to solving an investigation is making correlations between all of the data sources and finding a way to share it across local, regional, and national organizations


A wide variety of digital images from hard drives, phones, drones, automobiles, and IoT sources can be placed in the Truxton platform to find correlations easily. It filters down the ‘forensic chafe’ into unique artifacts that are likely the key pieces of the investigative puzzle. Truxton runs continuously in the background to allow investigators to multitask on other cases and job responsibilities. This allows computers to take care of the mundane tasks of digital forensics, and leaves the abstract thinking to seasoned analysts and investigators. Truxton is a true ‘workforce multiplier’ that allows organizations to automate their digital forensics processes.

To keep pace with the demand for digital forensic services, Probity has recently invested in the market with the acquisition of US Data Forensics, a professional lab dedicated to civil forensic services, e-discovery, and data recovery. USDF has a staff of highly trained former federal, civil, and legal examiners with decades of experience. “We were looking for a way to help private industry with their investigations, without investing in the hardware, software, and training required to create and manage an internal lab,” said Ryberg. “It also helps ensure that our Truxton product is continuously tested and updated to handle the latest forensic challenges.”

“At Probity, we’ve found that the most effective way to help our customers is by providing a turn-key solution to a problem instead of offering an independent set of tools that require the customer to make multiple purchases of hardware, software, and integration components which may not work right out of the box.”

“We were recently approached by a customer looking for a way to collect and correlate digital evidence in the field, so that it could be shared with local and regional offices and command centers in a quick, efficient manner, without extensive training or expertise.” Probity took on this challenge and developed the Portable Forensics Lab (PFL), a backpack with everything required to collect evidence from a variety of sources. Truxton analyzes this collected data and automatically identifies the important artifacts. It also identifies any correlations and provides concise reports of actionable information that are easily sent up the chain of command.

Moving forward, Probity looks forward to enhance its cloud, hybrid, and enterprise platform and is currently working on partnerships to leverage their technology for expanded capabilities and performance.