Overview
- Incident Response is a generalised term that refers to the immediate response by a person or an organization to an attack.
- This can be from an internal employee or via malicious external sources to include crackers and/or terrorists. An organised and careful reaction to an incident can mean the difference between complete recovery and total disaster.
- When an incident has occurred or is detected, the forensic investigation processes used are vital. Correct procedures ensure that evidence remains sound when being located and extracted from applicable devices and media.
- Approaches may range from the use of simple data recovery and disk mirroring tools to complex techniques such as the application of reverse engineering to enable the investigator reconstruct the evidence needed to prosecute the offender.
Main Objectives
- When computer systems security has been breached and the evidence source destroyed, our forensic investigators will assist in:
- Locating and retrieving electronic evidence from many devices which include:
- Servers/ Desktops/Laptop
- Zip Drives/ Back-up Tapes
- USB devices
- PDA’s/Mobile Phones
- Digital Cameras
- Network Traffic
- E- Mails Communications
- Forensic report is generally raised to be used to prosecute the offender
- Locating and retrieving electronic evidence from many devices which include:
- Conducting an investigation under a properly controlled environment
- Generating forensic evidence that is tenable in any court of law
- Generating forensic investigation report based on all material evidence that will help control the crime.