Shadow and Shield / Capability Catalog
Shield 399 capabilities.
An overview of the workflows Shield 399 is being built to support, from evidence acquisition and drive sanitization to analysis, case work, reporting, and tool execution.
This page will continue to change as the hardware, software, and release materials are finalized.
Platform
Appliance, dashboard, profiles, and operational records.
Shadow and Shield combines evidence acquisition, drive sanitization, analysis, case management, reporting, tool execution, and selected synchronization capabilities in one coordinated platform.
Evidence Acquisition
Forensic imaging, logical extraction, evidence scanning, and smart-card reading where supported.
02 / SanitizeDrive Sanitization
Wipe/Overwriter, SSD handling, device-assisted sanitize paths, verification, and post-wipe formatting.
03 / AnalyzeDrive Analysis
Hashing, hash comparison, keyword search, timeline views, and encryption indicators.
04 / MoveMigration and Cloning
Image conversion, bit-for-bit disk cloning, and partition-aware drive migration.
05 / HealthDrive Health
Drive, partition, filesystem, SMART, and warning context where exposed by the USB-connected device.
06 / CasesCase Management
Case records, evidence references, active case context, assignments, and operational history.
07 / ReportsReporting and Exports
Report records, workflow exports, metrics, and release-dependent consolidated reporting paths.
08 / AccountsAccounts and Permissions
Users, organizations, roles, permissions, licensing scope, sessions, and per-user defaults.
09 / ExecuteTool Execution Framework
Queue management, structured tool configuration, Quick Add defaults, profiles, progress, and execution history.
10 / EncryptEncryption Workflows
Encryption indicators plus supported encrypted-destination and credential workflows, scoped to validated support.
11 / SyncWarden Network
Optional selected metadata synchronization for supported multi-unit deployments.
12 / ServicesSystem Services
Time services, operational records, metrics, update management, and service lifecycle behavior.
13 / HardwareHardware Interaction
USB drive detection, configured port roles, source-drive protection, USB bridge handling, and peripheral support.
Scope note: this catalog is descriptive, not procedural. It should not be read as a certification claim, a complete record of every platform action, or a guarantee that every workflow is available in every deployment.