Now that Cellebrite Inseyets made its debut, the Community has sent in a number of questions and we want to ensure everything is clear as possible.  

Overview: What is Cellebrite Inseyets? 

It’s a suite of solutions combining UFED and Premium access and extraction capabilities (Cellebrite Inseyets.UFED), along with the decoding of Physical Analyzer (Cellebrite Inseyets.PA) paired with Cloud and overseen by Commander. It is not just bundling the previous solutions together, it offers much more. It has new capabilities and features such as Streamline, Triage and Autonomy.  

In the following video series, we will cover the common questions asked and do a hands-on overview of the new features.  

Extractions: What is Cellebrite Inseyets.UFED? 

In short, we are combining UFED and Premium extraction capabilities, giving everyone the ability to have advanced-level extraction with flexible unlock packages alongside new added features and capabilities. 

So what does this mean for you? 

Primarily there are two paths for customers: 

  • UFED & Physical Analyzer customer  
  • Premium & Physical Analyzer customer  

For UFED-only users, you are getting a lot of new value and capabilities. The simple advanced flows and the ability to obtain full file system and physical extractions of devices you had not previously been able to. The ‘Premium’ name will be going away. For Premium users, when they transition to Cellebrite Inseyets, will gain new capabilities of Streamline, Triage and Quick View.

The unlocking and extraction capabilities of Cellebrite Inseyets are the same ones used in Premium today. There are several deployment styles: 

  • Online 
  • On-Prem 
  • Offline 

Decoding 

What is Cellebrite Inseyets powered by Physical Analyzer? 

It is the evolution of Physical Analyzer 8.x or PA Ultra. PA Ultra transitioned into Cellebrite Inseyets.PA 10.x 

Cellebrite Inseyets.PA has all the features of PA Ultra.  

  • Resiliency as its built on a database infrastructure 
  • New location semantics (Visited, Points of Interest, and others) to help identify device locations 
  • Media Origins (help identify where media originated) 

New features being added into Cellebrite Inseyets.PA 10.x 

  • Quicker decoding engine update  
  • Streamline capabilities  

With Cellebrite Inseyets.PA you have access to Cloud extraction.  It is no longer a separate component, but included and ready to use when you need it. Cellebrite Reader is not going away.  It will remain available to users. 

New Features & Capabilities 

Quick View 

One of the new features of Cellebrite Inseyets.UFED, you have the ability to use Quick View. Quick view gives you an immediate glimpse into the device providing information that can help you determine if a device is relevant or worthy of further examination. Quick View information starts to be populated as access to a device starts to occur, even if a device is locked you will have information about it. The type of information you can obtain can be: 

  • Device Identifiers ( like IMEI, SN, Telephone number, IMSI and others) 
  • Device Users ( Account User information, AppleID / Google Email)
  • Usage Details (Installed applications, time settings, device uptime) 

You may even find plain text passcodes in here to help you when needing to build a dictionary for unlocking.  

Of course depending on the device state, will change what kind of data is available to you. You can easily search all of these field or export them into a report.

Triage 

Triage is a new feature available as part of Cellebrite Inseyets.UFED. It works on profiles which can be created using Commander and publishing them to all end points, or using the offline tool. Profiles can be created to quickly identify device identifiers like IMEI, SN or User Accounts or emails or where a device has been. The advantage to our triage is that it can be done even on a locked device, and that it takes places when you have full access to the device, and not limited to a surface level scan which mobile triage of the past was only able to do. Pair Triage with Quick View, you can very effectively reduce devices that require full extraction and examination. 

 

Streamline 

Streamline is a feature that connects the extraction component of Cellebrite Inseyets.UFED to the decoding side of Cellebrite Inseyets.PA. You can queue up an extraction and push it out to the decoding side of Physical Analyzer. You can have a case ready for examination or export the case into a report like UFDR ready to hand it over to other stake holders. Streamline is only available within Cellebrite Inseyets and needs both applications to be installed on the same machine.

Autonomy 

 Autonomy is a new server based solution that is meant for larger scale deployments of 10 endpoints or more. With Autonomy you can automate the decoding and reporting by leveraging workers and nodes. The more workers you have the more data it can process. Autonomy will monitor a folder and when an extraction is completed, it will kick off the automated decoding service. It will decode the data and then export it out to a report like UFDR.  

Power up your extraction and decoding capabilities. Connect with us to experience how Cellebrite Inseyets can accelerate your investigations. 

Talk with an Expert

Discover the latest features and access free resources to get the most out of our solution—visit the Cellebrite Inseyets Focus Hub

Share this post