Forensic analysis

The problem

Following security incident detection there is usually an urgent reinstallation of the compromised system in order to return it to the initial state. In most cases this is done without further analysis and determination of the root cause of the incident. Knowing the root cause is a critical requirement in cost reducing and mitigation of similar events in the future. "Fire-fighting" is not an acceptable long term solution for any information system.

Service

Security incidents must undergo root-cause analysis to determine the impact of the incident and the identity of the perpetrators. As a security incident represent loss for the company, it is unacceptable that such events are handled without appropriate examination. Furthermore, if the root cause of the incident is not determined correctly, there is a high probability that the same system will be compromised again.

To solve the problems described above, INFIGO IS offers forensic analysis and detailed examination of security incidents. The forensic analysis will reveal key issues about the incident, such as the root-cause, the responsible person(s), the chronological chain of activities on the compromised system and many other details, depending on the type of the incident.

Forensic analysis methodology and scope is based on the type and extent of the incident, taking into account business needs and objectives of the affected company.

Benefit

The client will be provided with a detailed report including all the data relevant to the examined incident. By following this information, the client will be able to remove identified vulnerabilities in and improve the overall security of the information system.

contact 

• Managed security
• Incident handling
• Forensic analysis
• Security monitoring and auditing