Incident response & digital forensics

With our support, our clients can handle cyber attacks and recover from cyber security incidents. We provide situation assessment, incident response planning, technical assistance, evidence collection for later forensic analysis, advanced malware analysis, post-incident analysis and evaluation of the client’s incident response capabilities. Our digital forensics service focuses on exploring the facts, vectors, history and impact of an attack, thereby supporting the efficient conduct of internal and external investigations.

What to consider

Dimensions

1. Affected environment

IT environment attack methods: phishing attacks, attacks over the network on services available on the internet (website, mobile application), denial of service. OT environment attack methods: activities that occur in an industrial environment also exist here and are cumulatively damaging (such as information leakage, interference with industrial processes, denial of service).

2. Digital forensics

We provide this for every platform: Windows, Linux, Mac, mobile devices, IoT devices, network devices. We examine network logs, EDR logs, web server logs, firewall logs, perimeter security system logs, IDS / IPS logs, SIEM logs, operating system event logs, etc. We also provide disk forensics / file system forensics, memory forensics and email forensics.

3. Attribution of the incident

The first question is whether there is a pattern that can be linked to known attacker organizations or whether it was a stray malware attack; of course, we investigate incidents from both random malware exposure and targeted attacks. If the attack is state-sponsored, it is typically a very sophisticated, complex, long-lasting incident that focuses on a specific (OT) company.

Our methods and work standards

Why choose us

Detailed situation assessment, understanding the context of the analysis

Rapid investigation - we give our clients tangible results very quickly

Our clients will also receive the results of the deep analysis later

We make suggestions to avoid future incidents and follow up on incidents as needed

We are integrated in the international academic network of mad scientists and IT security communities

What you get

Educational, transparent and detailed report to upgrade your security posture

Professional excellence, customer-oriented attitude

Follow-up, support, training and consulting as requested

We have real professional knowledge and industry experience

All our results are delivered with business usability in mind