Digital Forensics and Incident Response
can help you recover quickly
Cyber criminals leave digital fingerprints that help Digital Forensics and Incident Response (DFIR) experts identify how an intrusion occurred and what impact the breach has had on your networks and data.
Digital Forensics is a comprehensive investigation to collect, examine, analyse and document digital evidence to determine how an intrusion occurred and what impact the breach has had on your networks and data.
Incident Response follows a process to contain a threat or breach, and take steps to respond and recover. It is often a reactive service called upon when an organisation suspects a breach within their network. Many organisations simply don’t have the expertise in-house to comprehensively respond to, and investigate, a cyber breach.
DFIR protects and defends against cyber threats, preserves evidence, assists with compliance, and ensures business continuity.
We provide a comprehensive forensic examination starting with the collection and preservation of evidence, maintaining chain of custody, processing and analysing the data and producing reports that outline the findings and recommendations in plain English.
We will support you in the event of a breach or suspected breach.
We provide immediate updates on critical findings and a daily or weekly status update outlining the steps taken in the previous period, plans for the following period and the amount of time consumed by the investigation.
INCIDENT RESPONSE RETAINER
An Incident Response Retainer puts a Service Level Agreement in place, cutting response time by weeks. A response plan will be ready, including a review of your environment to list your tools, logs and systems. In the event of an incident, you will know when and how to call us for help.
We analyse customer data, use threat intelligence, and apply our own knowledge based on experience of investigating cyber attacks to see if your system has been compromised.
Our technology and hunt methodologies align with the Australian Cyber Security Centre’s (ACSC) Strategies to Mitigate Cyber Security Incidents (known as the Essential 8), the NIST Cybersecurity Framework, and the MITRE ATT&CK framework of attacker tactics and techniques.