It refers to the techniques devised to extract valuable information from assets without altering its state. Its main objective is to find a determined pattern or behavior to back a legal process consequence of a cybernetic attack.
Currently the number of cybersecurity events has increased in vectors previously unforeseen in the industry, such as: loss of information, activities disruption, device abductions with extremely high ransoms, even jeopardizing different goals when third parties are affected without apparent relation.
Can cybernetic events be prevented? How can someone never seen be prevented?
Forensic sciences work similarly to what is depicted on television or cinema, but in the real world, many vectors are involved into actually finding a suspect. Even more are involved in order to get a sentence, and that’s just talking forensic sciences in general.
Imagine what happens when we talk about digital forensic sciences, where, among other things, explaining the workings of the subject to judges, lawyers, secretaries and other parties that do not speak the technological jargon becomes an issue.
Forensic services are an important part of how to reach the source of an event while in the stage where we Respond to events.
Our service aims to gather and investigate any evidence which may bring useful information to determine the source, vector used, movements and duration of the event. Usually the objective is finding a guilty party to avoid a reoccurring event, sustain a legal process, recover any intentionally lost or erased information, detect leaks, among many other scenarios.
Our digital forensic analysts research and apply innovative techniques to solve any non-documented scenario.
Each of these steps are meant to support a legal process so that the evidence can be presented in an optimal manner. The following is an example of a non-restrictive list of information delivered at the end of the Digital Forensic Analysis
- Security copies of the chain of custody.
- Evidence processing.
- Signature analysis to determine the involved author.
- Hash analysis using unique values in order to identify and exclude files.
- Entropy analysis to locate protected, obfuscated or encrypted files.
- Locate and recover evidence, including images, files and videos in locations assigned non- manually.
- Probative data protection, management and preservation.
- Forensic sound acquisition, data copies for USB drive or any other storage device.