Digital forensics company Exterro has told Axios its FTK Suite platform was used as part of the FBI's investigation into the attempted assassination at this year's White House Correspondents' Dinner, with agents relying on the tool during the roughly 48 hours between the attack and the filing of charges against Cole Thomas Allen. The disclosure is the clearest public example yet of how law enforcement agencies are weaving AI into fast-moving criminal investigations.
What Digital Forensics Means for Investigators
Digital forensics is the discipline of collecting, preserving, and analyzing electronic evidence — files, messages, metadata, and images recovered from seized devices or accounts — in a form that can hold up in court. The discipline matters because modern suspects leave data trails across phones, cloud accounts, financial records, and surveillance systems, and sifting through that volume manually takes time investigators often do not have.
Exterro's FTK Suite addresses that problem by pulling evidence from multiple sources into a single on-premises repository that authorized users can search simultaneously. Rather than queuing requests to a single analyst, the platform lets several investigators query the same evidence set at once. The Justice Department separately confirmed it reviewed seized devices, cloud and email accounts, travel and financial records, surveillance footage, and metadata collected from the Washington Hilton, where the dinner took place.
How the AI Layer Works
The AI assistant embedded in FTK Suite accepts natural-language prompts. According to a demonstration presented to Axios, an investigator can ask the system to surface every image of a specific object, identify video frames where a named suspect appears, or confirm whether a person was at a particular location on a given date. The platform is designed for on-premises deployment, meaning data never has to leave a secure facility or reach the internet — a design choice Exterro vice president of product management Harsh Behl said allows it to operate in some of the most sensitive environments globally.
Exterro says it does not train its AI models on customer evidence, and that investigators retain full responsibility for reviewing findings and making charging decisions. The company's customers span law enforcement agencies and roughly 40 Fortune 100 companies.
The Emerging Courtroom Problem
AI-assisted investigation is creating a parallel challenge for courts: judges and juries now must assess whether digital evidence itself has been altered or synthetically generated. Exterro has responded by building a deepfake-detection tool into its platform, anticipating that authentication of evidence will become as contested as the evidence itself.
Behl framed the stakes plainly, noting that findings from the platform can determine whether someone is proved guilty or not — a standard that will increasingly pressure both investigators and vendors to document exactly how AI reached its conclusions.
The broader shift underway is less about whether agencies use AI to process evidence and more about how they will defend AI-assisted findings once a case reaches trial.