Incident Forensics

Response and Reaction to Cyber Fraud and Crime

Each security incident requires a detailed and fast investigation in order to minimize losses, find the guilty ones and prepare all the necessary materials for the law enforcement agencies. Investigations can also help to prevent such cases in future.

The investigative process starts after the incident recovery phase with a damage assessment of the hacker’s attack or insider’s activities. After that our experts will start a log analysis or log recovery process if logs were deleted by intruders.

As the complete schema of the incident is made and the source of the attack can be identified, then all the information obtained during the investigation process can be transmitted to law enforcement agencies to begin a legal process.

Hackers quite often perform their attacks through several previously compromised systems in order to hide the real source of attack. In this case our experts will start a step-by-step investigation, in cooperation with international law enforcement agencies to follow the criminal chain, restore the logs and find the real attacker.

Incident Forensics by Steps and Participants

Recent US-CERT Alerts:

Microsoft Updates for Multiple Vulnerabilities Microsoft Updates for Multiple Vulnerabilities Microsoft Internet Explorer Vulnerabilities Adobe Reader and Acrobat Vulnerabilities

Recent Vulnerabilities:

Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability Squid Web Proxy Cache HTCP Request Processing Remote Denial of Service Vulnerability Linux Kernel KVM Multiple Privilege Escalation and Denial of Service Vulnerabilities

Ethical Hacking ISO 27001 CISO/CSO OWASP OSSTMM CERT MELANI CEH IMPACT PCI DSS Security Policy COBIT