Digital Forensics Investigations

During and after a breach you need answers.

Our Investigators ask and answer the hard questions.

  • What was taken?
  • Who was involved?
  • How did they do it?
  • How long ago did the breach take place?
  • Can they do it again?
  • Did any confidential information leave the network?
  • Was data deleted or documents modified?
  • Are any other systems compromised?
  • Are employees involved in illegal activities?

Analysis

  • Hard Drive Acquisition
  • System Usage, Events & Data
  • Mail, Browsing and File Transfers
  • Network Connections & Traffic
  • System & Network Device Logs
  • Malware Capabilities
  • Mobile Devices

Results

  • Event Reconstruction
  • Deleted Data Recovery
  • Exfiltration Determination
  • Proximate Cause Determination
  • Modified Data Identification
  • Future Risk Evaluation
  • Detailed Forensic Report

“Every contact leaves a trace”
~ Dr. Edmond Locard ~ father of Forensics

“It is a capital mistake to theorize before one has data.
Insensibly one begins to twist facts to suit theories, instead of theories to suit facts.”
~ Sherlock Holmes