
The helping hand you need for your investigations

Process from All Data Sources
- Logs
- Firewalls
- Routers
- Computers
- Internet Data
- Registry
- Files
- Smartphone Data
- Messaging
- Apps
- User Data
- Cloud Data
- Apps
- Files
What is Zandra AI, and how does it work?
Zandra specializes in Digital Forensics and Incident Response (DFIR) by leveraging advanced techniques to analyze and correlate data from a wide range of sources. Its primary goal is to quickly assist investigators by analyzing forensic artifacts and activity logs from client PCs, mobile devices, firewalls, servers, and other security subsystems.
Zandra uncovers logical connections between events and contextual meaning in communications to provide insights into what occurred. It helps the investigator or incident responder analyze vast quantities of data at scale and link events together.

How does data normalization work?

To ensure compatibility with the AI, all forensic data must be normalized to specific formats. Supported formats include:
- Common Microsoft Office formats (.DOCX, .XLSX, .PPTX, etc.)
- Text-based formats (.TXT, .CSV, .JSON, .HTML, .PDF)
- For emails, data from .PST/.OST containers must be converted to .PDF or .TXT.
- Databases can be imported into Zandra's built-in MySQL or converted to .CSV or .XLS formats for processing by the integrated vector database.
Data can be provided to Zandra through other tools, or you can follow the workflow with Paraben’s E3 Platform to produce compatible data.
What is the Legal Impact of AI in an investigation?

While the Zandra AI can efficiently cross-correlate and analyze data, the forensic examiner remains responsible for verifying the results and ensuring that the analysis complies with legal standards. This first-party knowledge is essential for any testimony in court, as the examiner must demonstrate that they conducted the analysis and confirmed the findings before making any legal statements. Zandra has been designed to act as a team member to a forensic examiner or incident response investigator and point each of them to where valuable information can be found for an investigation.
The integration of artificial intelligence (AI) into a digital forensics and incident response (DFIR) laboratory presents both significant opportunities and potential challenges. To ensure responsible and effective utilization of AI technologies, it is crucial to establish a comprehensive policy framework. This policy should address key aspects such as data handling, ethical considerations, validation procedures, and compliance with legal requirements.
Recognizing the complexities involved in developing such a policy, we have created a customizable template designed to assist DFIR labs in seamlessly integrating AI into their operations. This template provides a foundational structure, outlining best practices and considerations for AI implementation within a forensic environment.
By adopting a proactive approach and implementing a well-defined policy, laboratories can maximize the benefits of AI while mitigating potential risks. This ensures that AI tools are used ethically, legally, and effectively, ultimately enhancing the accuracy and efficiency of digital investigations.
We encourage you to review our policy template, which can serve as a valuable resource in your organization’s journey towards responsible AI integration. Access the template and begin shaping your lab’s AI policy today.
What are the Zandra AI deployment options?


Zandra AI Cloud Deployment
In Zandra’s 100% cloud deployment, data is secured through multiple layers. A vector database, with inherent data obfuscation, stores information. Access is strictly controlled via Validian multi-factor authentication. Data at rest is encrypted within a Validian volume. Furthermore, prompts and retrieved document text utilized for response generation are securely transmitted and stored within Zandra’s private Groq cloud. Notably, user chat logs are explicitly excluded from any AI training processes.

Zandra AI Machine Deployment
In Zandra’s local deployment, data resides within an obfuscated vector database. System access security is governed by the host machine’s configuration. However, Validian encryption secures Zandra’s data stores, protecting against unauthorized access and theft.
- Local Processing: All vector database data and AI processing remain strictly local on the machine, ensuring no data exposure outside the system.
- Cloud Processing: While the vector database remains local, prompts and document text required for response generation are securely transmitted to Zandra’s private cloud. User chat data is explicitly excluded from AI training.
Frequently Asked Questions
QUESTION: How is Zandra AI priced?
The Zandra AI system is designed to be priced as a SaaS model. The monthly fee is determined based on the active subscription to the E3 Forensic Platform.
- Non-Paraben E3 License Zandra Ai
- E3 License +Ai (Premium Users)
The default deployment for Zandra is through the MS Azure Cloud. A custom deployment option is also available, with Zandra AI deployed on custom hardware.
QUESTION: How is my case data secured?
The Zandra system employs robust data storage and security mechanisms. Document text is stored on the Zandra server within a vector database, which is itself contained within an encrypted Validian volume, ensuring data-at-rest encryption. Similarly, the MySQL database, also hosted on the Zandra server and used for relational data, is both encrypted by Validian and stored within an encrypted Validian volume, providing layered protection. For AI response generation, prompts and relevant document text extracted from the vector database are securely transmitted to and stored within Zandra’s private cloud environment at Groq. Crucially, user chat logs are explicitly excluded from any AI model training, guaranteeing user privacy and data confidentiality.
QUESTION: Can I create reports with Zandra AI?
Yes, Zandra AI can create output based on what you prompt her to generate. For example: “output the results of this data into an html timeline.”
QUESTION: Can someone else access my case data with Zandra AI in the cloud?
The cloud version is 100% dedicated to the user: the server instance is per user, and no other people access it. The server files are in a Validian encrypted partition on the server.
QUESTION: When seeing the results from a Zandra session, will it point back to the E3 data, so we can easily add to the report?
Zandra AI can point to this data from E3 if the referenced data was uploaded as the source for Zandra. For example, if the examiner chooses to include the evidence item number in the E3 report, that data stays referenced in Zandra so it can be traced back.
QUESTION: Does the Zandra AI have any language limitations?
Zandra AI can understand 160 different languages and can accept data in prompts in any of those languages or a mix of those languages. In addition, Zandra AI can understand unique data such as emojis when reviewing information.