Architecture

There's nothing revolutionary about thinking big.
Or is there?

The forensic world is drowning in digital data. Traditional forensic tools are scrambling to keep up, looking for methods to scale up to handle enormous media files, allow improved collaboration, and the capability to exploit a tsunami of data sets and file types. The end result? Mission Impossible.

Enter Truxton. A revolutionary, automated forensics platform that is built from the ground up to scale out, down, and up. Truxton was designed for multi-user, collaborative forensic environments to handle big data, and turn raw data into actionable information.

Truxton Scales

Truxton is built from the ground up to scale down to a laptop, up to big iron, and out to a network or cloud.

Data volume is increasing at an exponential rate. The only way to solve this problem is to use distributed forensic processing, which allows you to share the workload over as many machines as you need to get the job done.

By separating components, Truxton allows you to leverage the hardware you have, expand to a larger network or secure cloud environment, and still take a fully functional laptop lab right into the field. This allows Truxton to be suitable for lab, ADF, regional, and national agency environments, right out of the box.

Truxton Automates

Truxton is designed to let computers do what they do best: continuously process information 24/7.

Three Stage Processing

Our revolutionary 3-stage processing doesn’t just automate loading—it also automates data exploitation and report generation.

1. Automated Loading

Truxton uses a distributed loading process that works in the background, allowing you to leverage multiple machines and pause or prioritize your work without losing data. You can even review data while it loads.

2. Automated Exploitation

Truxton is more than a fancy file viewer. It is a powerful exploitation program that searches within your data and creates actionable information in summary form. It lets the computer do the mundane tasks and lets you spend your time solving the case.

3. Automated Reporting

Truxton automatically records your findings in a jury-ready report, complete with directory information and definitions, and it logs every step and process you use in the investigation, making your time on the stand easier than ever before. There’s even automatic management reports that keep track of all of the investigations, data, and resources used in your lab!

Truxton Adapts

A single platform to automate your forensic toolbox.

The world of digital forensics moves at the speed of light.

New devices, file formats, and social media platforms make keeping up nearly impossible. That’s why we’ve built Truxton using a non-proprietary architecture that lets you add in any tool right into the automation process.

Truxton comes out of the box with the go-to tools you use every day to process and carve most common file types. Don’t have a tool? Write your own. Use Python, C#, or any program you would like.

Has your development team already created a custom carving tool to meet a specific requirement? Add it in with just a few lines of code. Show me how

Truxton Collaborates

We're not chasing the dream of collaborative investigation. We're already there.

Tear down the silos that are holding your data hostage.

One of the shortcomings of traditional forensic tools is the siloed nature of the data extracted from each piece of seized media. Once data is extracted, it is usually stored in a database that is ‘locked’ into the software tool that performed the extraction.

This prevents investigators from simultaneously looking at all of the files pertinent to an investigation in a single place. It also eliminates the possibility of making any correlation between other, seemingly unrelated or historical cases.

Truxton uses a single database repository that allows media to be used in multiple investigations, without reloading. It also allows Truxton to provide alerts for shared entities like passwords, SSIDs, credit card numbers, or other user-defined terms. It can also report hash hits, sensitive site violations and Yara malware alerts across broad geographic or organizational boundaries.