Arman Gungor - CEO of Metaspike
in the chair with Jon Munsey - December 2019
Introduction:
Arman, Forensic E-Mail Collector (FEC) was recently reviewed here on Computer Forensic Reviews Online acheiving a massive 9 out of 10 score, with Metaspike also acheiving a Super Vendor award for outstanding conduct and support.
Following on from that, we like to interview vendors to find out a little more about them, their company and their products.
I don't allow sales pitches or corporate bulls*it on these pages, so readers, you should find something for everyone here, from which bugs were hard to squash, through to where they are going next.
I'm no journalist, but hope you enjoy the read and remember to subscribe to be notified of new interviews (people are lining up!!!!) in the future.
Anyway, enough waffle and on with the show;
About Metaspike:
Q1. Can you tell us how Metaspike came to be, how long have you been in existence?
Also, where are you based and what’s the weather like their this time of the year (us English folk love to talk about the weather!).
A1. Thanks for taking the time to review FEC, Jon!
As a digital forensics firm, we have needed a reliable forensic email acquisition software for as long as I remember.
Metaspike was born to develop that software and other forensic cloud preservation tools and make them available to fellow forensic examiners worldwide.
We formed the company in 2017 in Los Angeles, California.
We are spoiled by the weather in Los Angeles—it is 73 F (~23 C) as I type this!
Q2. What is the working environment at Metaspike?
Do you have free soda and candy/chocolate and yoga matts everywhere, or is it more like roman galleon ship with you walking up and down the middle of the cubicles whipping the programmers?
A2. We do have a relaxed work environment, but we don't indulge much in the free soda and candy—mostly coffee and occasional happy hours to blow off some steam.
Our office is in a coastal city called El Segundo in Los Angeles county.
Q3. In relation to the business, not products - what are you plans for the company? Are you planning to stay small and nimble or are you looking to grow larger?
A3. Our plan is to stay agile and retain both our financial and creative freedom. While there are many successful software companies that are large, I've found that my favorite products often come from smaller teams.
About Arman Himself:
Q4. Can you introduce yourself to our readers. If you can give us a little bit about your background, how did you get into forensics?
A4. Sure! My background is in electrical engineering and I started in the legal field in 2004 in Washington, DC when I took a job at an eDiscovery company.
At first, my work involved managing the eDiscovery department and its related software development efforts.
My focus quickly shifted from eDiscovery to digital forensics and I've been an active digital forensic examiner since then.
Q5. Can you tell us your favourite piece of forensic software that you use regularly?
A5. If I could only pick one forensic tool (other than FEC, of course), it would have to be X-Ways. It is very versatile, and I love the no-nonsense approach.
That said, I usually prefer using multiple, focused tools rather than forensic suites in my investigations.
Two of my favorites at the moment are USB Detective and EZ tools.
[Editor - Ooooo, I like the sound of those tools, added to the list of tools to review!]
Also, when I set up a new Windows computer, the two things I install first are Directory Opus and UltraEdit—in that order.
Q6. In your experience can you name two forensic software companies who you feel have great customer support.
A6. F-Response and BlackBag have impressed me in the support department in the past.
Development of FEC:
Q7. Can you tell us how you came up with the idea of FEC?
A7. The general outline of FEC has been in my mind since mid-2000s. I was often tasked with collecting large Yahoo and AOL mailboxes back then, and the tools that were available did not keep track of acquired items, resume failed acquisitions, or report issues.
I would frequently end up with incomplete acquisitions and had to perform hours of quality control and jump through many hoops to get a complete acquisition. I was sure there had to be a better way!
In the last few years, multi-factor authentication gained traction and collecting emails with legacy tools became even more painful. We also started receiving many requests for searching mailboxes before the acquisition due to privacy and scope concerns
These led us to put the development of FEC on the fast track.
Q8. What was the most challenging part of FEC development from a programmatical perspective? What was the most difficult thing to make work ?
A8. Working with email hosted in the cloud.
Unlike working with local files that can be accessed and queried reliably, cloud APIs are fussy.
Servers throw tantrums and put the brakes on.
Building the throttling mitigation and fault tolerance aspects of FEC has been the most challenging part so far.
Q22. We have recently seen mailbox Obliterator, do you have any plans for additional software that will be released within the next 6 months.
A22. Obliterator [editor - review is on the cards!] will likely get some major updates as it has received a lot of interest—both from our users as well as non-users.
We also have plans to release other forensic tools with a focus on forensic preservation from the cloud.
We are currently in the planning phase, hard to say if you will see the next software materialize within the next 6 months.
Events & Product Promotion:
Q23. Are you promoting Metaspike or FEC at any upcoming events, if so can you share which ones and when?
A23. Our preference has been to attend industry events as speakers and participants, rather than to simply promote FEC with a vendor booth.
This year, I've attended the Techno Security & Digital Forensics Conference in San Diego as well as the SANS DFIR Summit in Austin where I had presentations on
email forensics.
While I didn't promote Metaspike or FEC, I feel that it was a great way to connect with our existing users as well as establish relationships with fellow forensic examiners.
We will send out an announcement once we make plans to attend the next industry event.
Long Term Future Products:
Q24. Are you currently, or do you have any plans to release any other software products in a different area of the forensic software spectrum?
A24. We are hyperfocused on forensic preservation at the moment, but we have a couple of long terms ideas around specialized forensic investigation tools for specific data types.
Thank you Arman for taking part in our “Super Vendor” interview, we wish you well with FEC and Metaspike, your products are always welcome here on CFRO as are your comments.
Keep up the good work and remember we don't want the kitchen sink in FEC, keep it E-Mail only and if you have any other cool ideas, put them in a separate product - we will buy anything :)