Determine the threat and cause;
understand the extent of the compromise.
We capture and analyze data stored in your hard drives, CDs, DVDs, thumb drives and other media formats, then follow evidentiary procedures to ensure integrity and admissibility. Computer forensic investigation can be performed during Incident Response handling or independently.
To fully understand the extent of the breach and ultimately contain the incident, it is critical to understand the root cause. In many cases, an in-depth forensic analysis is required to capture artifacts that would be of evidentiary value.
Chain of Custody
During an active incident, emotions run high and the common goal is to remediate the threat as soon as possible to resume normal business operations. This course of action can lead to your organization's ability to provide useful and credible evidence to investigative authorities.
We will provide forensically sound evidence and follow approved methodology to ensure the evidence captured will “hold-up” in a court of law. By using the standardized collections methods, evidence is generally captured more efficiently as checklists are used for proper collection and documentation.
Our Forensic Tools
In addition to our experience and expertise, we have the latest forensic hardware and software tools to preserve, gather and analyze electronic information from nearly every type of data storage system including:
- Hard drives
- Live systems
- Malware analysis
- Portable storage devices (thumb drives)
- Cell phones
- GPS systems
- Optical media (CDs and DVDs)
- Social media sites
- Webmail systems
- Database systems