Performing an in-depth malware analysis on any potentially malicious files on a suspicious system (e.g., workstation, server). The study will allow determining if it is indeed malware, its type, and the impact that it might have on the respective organizations’ systems.
Examination of suspicious network traffic and abnormal patterns using advanced network forensic tools that spread across the entire organization. This process will allow our team to detect attacks, such as insider threats that leak data, and malware that spreads laterally and is connected to C&C servers and may cause denial-of-service conditions attacks.
We use advanced investigation and analysis techniques to gather and preserve evidence from a particular computing device in a manner that is suitable for presentation in a court of law. The goal is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on the computing device and who was responsible for it.