Full Access to VeraKey by Grayshift with Brian Fitch

Episode 28

Full Access to VeraKey by Grayshift with Brian Fitch
Episode Summary

Grayshift wants to allow customers to remove limitations such as inadequate computers and the need to use expensive external units. VeraKey has delivered the ability for investigators to share evidence regardless of geographic boundaries. 

VeraKey is Grayshift’s solution for commercial customers who want a GrayKey device, the collection tool used by law enforcement. Unlike GrayKey, VeraKey is a consent-based mobile forensic solution. It performs the same function in performing full file system collection from a device and providing that for forensic analysis.

Listen Now

Listen to Full Access Podcast on Apple Podcasts Listen to Full Access Podcast on Podbean
Listen to Full Access Podcast on iHeart RadioListen to Full Access Podcast on Spotify
Listen to Full Access Podcast on Amazon MusicListen to Full Access Podcast on Google Podcasts

Show Notes

[01:50] Profile of this episode’s Guest: Brian Fitch, Senior Product Manager – Grayshift

  • Brian was instrumental in the development and release of VeraKey.
  • He has been the Product Manager for a variety of companies.
  • Twenty-five years ago, he started his cybersecurity career in customer support and transitioned into sales or systems engineering.

 

[08:11] Endpoint Detection and Response(EDR) and Manage Detection and Response(MDR)

  • EDR is what antivirus and anti-malware have morphed into today. It protects endpoints against the latest threats and gives customers information about what is happening at those endpoints.
  • Sometimes something new can get into the system that isn’t detected by anti-malware or antivirus. EDR reports against that.
  • MDR ingests the alerts of EDR and sends them through software engineering and artificial intelligence to take out actionable security alerts for customers.

 

[13:31] Brian’s journey to Grayshift

  • Brian had heard of the company and the positive outcomes it helped deliver, so he had been interested in joining Grayshift for a while.
  • More and more people he knew and had good working relationships with had joined Grayshift.
  • When a product management position opened, he pursued it and started with Grayshift last summer.

 

[17:38] What is VeraKey?

  • VeraKey is a consent-based mobile forensics solution offering plug-and-play functionality to perform a full-file system collection while offering simultaneous data analysis when coupled with Grayshift’s new ArtifactIQ.
  • A significant benefit is the ease with which collections can be shared, even with geographical separations in an investigation.
  • The best feature is the ease of use. Following the workflow, the full file system is extracted. The user can opt to upload to ArtifactIQ and reach their first fact faster while performing analysis.
  • The main difference between VeraKey and GrayKey is that VeraKey is a consent-based device only. It cannot unlock or brute force a phone like GrayKey. The companies using VeraKey have the consent of the device custodian and are usually performing a corporate investigation.

 

[20:24] ArtifactIQ and how it works with VeraKey

  • ArtifactIQ is a cloud based analytics tool. When VeraKey starts collecting data, it gives you the option to send that collected data to ArtifactIQ simultaneously. 
  • Once in the cloud, ArtifactIQ pulls the most important data forward and puts it in an easy-to-read format inside the same user interface.
  • Investigators can then review data easily and quickly.

 

[24:59] Research from the private sector

  • Grayshift spoke with many digital forensic examiners in the private sector while conducting research for the creation of VeraKey.
  • Companies were adamant about protecting their employees from outside threats such as litigation of a perceived malpractice event.
  • Commercial customers benefit from having consent for the collection, usually due to the device being a corporate-owned device or having a Bring Your Own Device agreement.

 

[33:40] Prioritizing the roadmap for innovations

  • Prioritization is one of the most fun and frustrating parts of being a product manager.
  • Many organizations follow a framework such as Weighted Shortest Job First (WSJF) or Reach Impact Confidence Effort (RICE) to prioritize what problems to solve first.
  • There’s no right or wrong method for prioritization. Organizations need to determine what approach would work best for them.
  • Brian primarily focuses on ensuring the company addresses the right problems first.

Subscribe to Full Access

Listen to Full Access Podcast on Apple Podcasts Listen to Full Access Podcast on PodbeanListen to Full Access Podcast on iHeart Radio
Listen to Full Access Podcast on SpotifyListen to Full Access Podcast on Amazon MusicListen to Full Access Podcast on Google Podcasts

< PREVIOUS EPISODE

NEXT EPISODE >