Collect evidence and identify the cause, scope and perpetrator of the attack.
Digital forensics
What is digital forensics?
Digital forensics plays a central role in solving and securing evidence of cybercrime offenses.
Digital forensics experts secure and analyze digital traces.
Services We Provide
Digital forensics enables organizations to respond to cyberattacks quickly and effectively. This can help secure evidence of a cyberattack that can be used for prosecution and compensation. In addition to identifying perpetrators, analyzing the evidence can help understand the cause of a cyberattack and take action to prevent further attacks. This can help minimize the impact of an attack, limit the damage, and use the insights to prevent future attacks.
Our approach to digital forensics
Our digital forensics experts secure all relevant data, including logs, files and system images. We analyze the collected data to determine the type of attack and the extent of the damage. We then create detailed reports that can be used in court and identify the attackers.
Fast and effective investigation with digital forensics
Digital forensics - process
Our experienced security experts carry out forensic investigations using a procedure model based on international standards and best practices:
Preparation, data collection, investigation, data analysis, documentation and optional follow-up.
In addition, our experts can support you in incident response and crisis management to deal with the consequences of a cyber attack.
Digital forensics secures traces of attacks that can be used in court
The digital forensics process in six phases
Strategic and operational preparation
We discuss the initial situation with you and explain our approach. Depending on the incident, the appropriate forensic tools are selected.
Data collection
We collect important data from potentially affected components during this phase. This includes, for example, system time and date, active processes (system state), open network connections (sockets) and logged in users.
Investigation
The collected data is now analyzed and the data relevant to the incident is filtered out. Some data can be excluded from further analysis (e.g. by leaving checksums unchanged). However, it may also be necessary to extend the analysis to additional parts of the IT system.
Data analysis
The findings from the partial analyses of the various affected components are integrated into a coherent timeline and logically linked together.
documentation
Our IT forensics experts summarize the recorded investigation processes in reports. These are tailored to the respective target group; the management report contains different technical details than a report for administrators. If it is necessary to inform authorities, we will support you in drafting the relevant reports.
Follow-up (optional)
Optionally, we identify potential vulnerabilities after incident handling. We provide recommendations for measures to prevent future attacks and help you improve your company's response strategy (incident response process).
Wichtige sicherheitsrelevante Themen
Stay informed & safe!
You know very well that ignorance is no defence against harm. They also know that cybercrime and cyber security are very fast-moving topics. That's why information straight from the experts is priceless.