Überblick über die Plattform
Erfahren Sie, warum Penlink der weltweit führende Anbieter von KI-gestützter digitaler Intelligenz und Ermittlungen ist
Penlink Academy
Your complete destination for Penlink training, with live sessions, on-demand modules, and certifications designed to give professionals the tools and confidence to succeed in real investigations.
The Agency
The University of Alabama Police Department’s Regional Evidence Analysis & Cyber-Intelligence Team (REACT) serves the University and law enforcement agencies throughout Alabama by collecting and analyzing digital evidence for a range of cases, including child exploitation, narcotics, theft, harassment and threats, sexual assault, and domestic violence.
An obstacle that many law enforcement agencies face, especially in ICAC cases, is that nearly every case – whether it’s a NEMEC tip or peer-to-peer investigation – involves an IP address. In this case example, REACT was aware that an individual was using a school’s network for illicit activities. In fact, they had the IP address and could tell it was a residence.
Though REACT investigators had an IP address, they didn’t have the direct connections needed to prove that someone was downloading illegal images through it. Investigators would need to establish probable cause to obtain a search warrant to compel the internet provider to furnish information on the account owner, along with the physical address. Investigators also wanted to determine whether the target might have connections with other networks, and if there were additional victims.
Using the IP address as a starting point, REACT investigators used Open-Source Intelligence (OSINT) by leveraging the PenLink Tangles platform to gather more information. The investigators suspected the IP address was Wi-Fi-based, so they searched for other connected devices from the previous month. Next, investigators looked for devices that were connected at night to show who likely lived at that location.
Using Tangles, investigators were able to find a location and possible suspect; then, by comparing other IP addresses for the target phone via peer-to-peer monitoring, the team was able to locate the connections they needed for a viable case.
At this point, the REACT team had a name and could see which websites the suspect was visiting, but they needed to dig further to find whether any downloads had occurred. Further research found additional IP addresses to investigate, of which at least one showed that content had been downloaded. Once investigators had determined probable cause, they were able to request subpoenas for the service providers.
REACT then turned to PLX, PenLink’s evidentiary collection and analysis solution, to quickly analyze social media and cell-tower data to validate communications and image downloads the team first discovered with Tangles. At the same time, the team continued to monitor open-source intelligence, remaining on the lookout for information that could lead them to broader networks.
PLX displays a visual representation of all dates, times, and locations – including latitude and longitude data for communications like text messages and calls – and overall travel patterns. As additional key data was uncovered, additional warrants were obtained so investigators could access more data to further strengthen the case. With the information collected by REACT, local law enforcement was able to make an arrest.
REACT investigators are confident the evidence provided to prosecutors will lead to a conviction and justice for victims. The case underscores the importance of having proper digital intelligence solutions available to investigators and analysts. The ability to collect and analyze open-source data to quickly identify leads gave investigators the intel they needed to request search warrants for the suspects. Those warrants provided significant evidentiary data that was quickly analyzed and turned into actionable insights.
Law enforcement and security teams face growing pressure at high-profile events. This webinar covers how OSINT supports pre-event planning, real-time awareness, and post-event investigations.
EXCERPT:
Penlink CEO Peter Weber shares the company’s commitment to responsible technology, lawful data use, and the mission that has guided nearly 40 years of work alongside law enforcement.
Intelligence teams face an overwhelming volume of data at large-scale events. This webinar covers the full intelligence cycle, from pre-event risk assessment to real-time monitoring and post-event investigation.
Investigators face more data than ever. CoAnalyst for PLX brings generative AI directly into PLX, helping agencies move faster from raw data to actionable insight.
The Department of Defense is facing more data, more tools, and more complexity. This report shows how a unified OSINT platform delivers faster, smarter defense intelligence.
Penlink was recently featured on Fed Gov Today’s The OSINT Edge to discuss how open source intelligence is changing the way agencies detect and respond to cyber threats. Here is what that conversation covered.