Computer Forensics
Computer forensics is the analysis of information contained within and created with computer systems and computing devices, typically in the interest of documenting what happened, when it happened, how it happened, and who was involved.
This can be for the purpose of performing a root cause analysis of a computer system that had failed or is not operating properly, or to find out who is responsible for misuse of computer systems, perhaps even committing a crime using a computer system or against a computer system. In many cases, information is gathered during a computer forensics investigation that is not typically available or viewable by the average computer user, such as deleted files and fragments of data. Special skills and tools are needed to obtain this type of information or evidence.
Our certified engineers follow industry standard forensic practices and guidelines because we understand the importance of proper evidence handling procedures to ensure the examination process is forensically sound, defensible and the results repeatable.
These services can include:
- Forensic preservation of hard drives as well as removable devices
- Preservation of a targeted collection of files or folders
- Examination of user-created data with keywords, date range and by file types including unallocated space?
- Identify and extract hidden or password protected data
- Malware analysis scan to find evidence of hidden programs or malicious code
- Social media analysis
- Recovery of deleted data that has not been overwritten
- Development of a court-ready forensic lab analysis report
Forensic Preservation
Our Forensic Preservation service is designed to provide data collection and preservation for computers, smart phones and tablets belonging to the individual. Our ACE (FTK Certified Examiner) experts will make a forensic image or bit by bit copy of the original media, while documenting the process such that it is forensically sound and admissible in a court of law.
This service utilizes industry standard forensic software and hardware to identify and preserve the necessary data. Our certified forensic examiners follow strict guidelines to ensure a forensically sound and legally defensible data collection as well as to ensure that the data integrity is preserved. A court-ready forensic lab analysis report will be prepared and provided to detail the analysis procedures that were conducted, as well as the results.
Features and Benefits:
- Investigation of deleted or hidden data
- Identify and extract password protected data
- Analysis of metadata to determine date and time stamp
- Analysis and auditing to determine user logins, file and removable drive access
- Keyword searching of user created data
- Date range search of user created data
- Investigation of mail clients (Microsoft Exchange)
- Analysis and reporting of log, registry and user data
Forensic Hacking
Our Computer Hacking Forensic Investigation (CHFI) services identify an intruder’s footprints and gathers information to help you understand the characteristics of how malware is behaving within and outside the network.
Features and Benefits:
- Analysis of FTP and HTTP logs, registries and web content.
- Identify origination points.
- Analysis the threat and how the malware affects other files it has interacted with on the system.
- Determine if scripts or iFrames have been injected.
- Determine if changed encoding for pages and feeds are corrupt and if spam has been added.
- Determine if the Web Developer’s computer has been compromised.
- Determine if content management software (CMS) has security holes