Learn about the types of evidence supported for collection from both Windows and Linux endpoints.
Forensics supports the collection and examination of evidence from both Windows and Linux endpoints. Windows users collect evidence using the Incident Response Evidence Collection playbook, the Collect Evidence task, and the Trend Micro Incident Response Toolkit. The collected evidence can then be displayed in an Evidence Report or downloaded as an evidence package.
Evidence collection tools collect different types of evidence depending on the operating system of the examined endpoint.