Forensic Tools

In addition to our experience and expertise, we have the latest forensic hardware and  software tools to preserve, gather, and analyze electronic information from nearly every type  of data storage system, including: 

• Hard drives 

• Live Systems 

• Email 

• Malware Analysis 

• Portable storage devices (thumb drives) 

• Cell phones 

• GPS systems 

• Optical Media (CDs and DVDs) 

• Social media sites 

• Webmail systems 

• Database systems 

Investigations

• Departing employee theft of intellectual property 

• Enforcement of non-competition agreements 

• Sexual harassment 

• Financial fraud 

• Capital murder defense 

• Legal malpractice 

• Bankruptcy 

• Hacker incidents 

• Family law matters 

eDiscovery

Our eDiscovery services can assist with technological and resource-intensive issues associated with regulatory and legal eDiscovery requests. 

Examples of eDiscovery services: 

• Metadata analysis 

• Hash analysis and discovery of intellectual property 

• Document search and preservation 

• Enterprise-wide keyword searches 

• Recovery and indexing for searching 

• Logical file creation for case portability of eDiscovery results 

• Remote analysis

Forensic Triage

When computer systems were compromised, created custom script to remotely triage and collect digital evidence and indicators of compromise by tier 1 personnel. Reduced tier 3 caseload by 75% due to false positives and reduced the need to take systems offline and reduce work stoppage.  

Forensic Lab Creation and Deployment

As project lead, proposed budgeted and deployed hardware, software, policies, and procedures in the creation of a state-of-the-art forensic lab for computer and mobile device forensics and malware analysis, resulting in a significant increase in the processing speed of sensitive data;  created a workshop to develop custom analytical methods to increase processing times. 

Automated Malware Analysis

Project led to eliminate manual examination of malware; created an integrated system to ingest malware in bulk form and analyzed for capabilities and origin. Reduced manual analysis requirement to less than 5%. 

Policy and Procedure Creation

Designed and deployed company’s first Information Technology Operations Policies and  Procedures; trained all employees on new systems; eliminated repetitive actions and established daily standardization. 

Change Management

Created a system to provide documentation and accountability of system changes; changes made during scheduled maintenance windows, allowing for uninterrupted workflow and reduced maintenance hours due to preliminary testing. 

Hard Drive Development Policy

Created a golden image (master copy) of standard software to be deployed, significantly decreasing man hours required to deploy a computer system. Hardware failures were immediately resolved by the insertion of a new drive from inventory. Previously used computers had new hard drives installed to avoid overwriting potential forensic evidence. Ensured possible legal evidence requiring E-discovery arising from employee termination was not destroyed. 

Standardized Evidence Processing

Project leader for creation of a system to process, implement, and report evidence. Automation allowed multiple investigators to begin the standardized processing and review the resulting output. Multiple cases can be processed automatically.

Password Management

Configured and deployed a self-service password reset tool allowing system users to reset passwords without administrator assistance. Eliminated work stoppage due to remote employees working after normal hours when administrative assistance was not available.