Forensic Analysis is the use of controlled and documented analytical and investigative techniques to identify, collect, examine, and preserve digital information. Recognizing the fragile nature of digital data, and the legal and regulatory requirements to properly preserve electronically stored information (ESI) during forensic investigations, SecureState maintains standards relating to protecting ESI against manipulation or destruction.
When an incident occurs, the Incident Response Team may deem it necessary to perform a forensic investigation based upon legal, financial or regulatory requirements. The purpose of forensics is to determine actions, motives, vectors, effects, and evidence for incidents, misuse, theft, or fraudulent activities.
In the event of an adverse incident involving an organization, whether it is an external breach, an internal intellectual property theft, or an employee Internet abuse case, data must be preserved and analyzed in order to determine the actions, motives, vectors, effects, in addition to collecting evidence. SecureState has one defining principle for Forensics: Be repeatable and defensible. SecureState’s Incident Response Team forensically collects evidence to maintain the integrity and reliability of the data. All efforts are made to ensure evidence is not altered, modified, or corrupted. SecureState’s evidence collection policy is established to protect the integrity, original-state and confidentiality of sensitive, regulatory, confidential or proprietary information, including HIPAA, PCI, PI and PHI, and to comply with legal or regulatory requirements.
SecureState’s Incident Response Team is comprised of industry experts with experience in Military Intelligence, Law Enforcement, and Big X Consulting. Members of our Team have been involved in the acquisition and forensic analysis of data in high profile events including the Space Shuttle Columbia Disaster. They have coordinated Incident Response teams that included FEMA, AFCERT, and DHS against inclement weather, terrorist activities, and world-wide threat events. Several members of the Team have high-level government security clearances and are trusted with the nation’s most classified secrets. Our strategic partnerships with the FBI, DHS, US-CERT and InfraGard permit SecureState to obtain the latest cutting-edge and persistent attacker techniques and exploits, which gives us the information necessary to identify those attacks, contain and eradicate them. This information is restricted to only certain, and trusted individuals in Information Security allowing SecureState to stay ahead of the competition. With unimpeachable ethical standards and unsurpassed technical skills, SecureState’s Incident Response Team is ready to assist with even the most complex businesses’ information security readiness and response.
Forensic Analysis is essential in a variety of data-theft incidents, litigation matters and enterprise-wide investigations. SecureState employs industry-approved and professional-grade acquisition, collection, verification and analysis tools. SecureState’s Forensics and Incident Response kits contains the latest in proven, tested and trusted technology with imaging rates around 10 gigabytes per second, and ability to collect system and network artifacts across an organization within hours. This allows rapid analysis and acquisition of systems and evidence without losing integrity, accuracy, or business processing time. SecureState’s Forensic Analysis services include:
- Proprietary Information Theft Reconstruction and analysis
- Deleted Data Recovery and Analysis
- Expert Witness Testimony
- Data Preservation
- Mobile Device Acquisition and Analysis
- Computer and User Artifact Reconstruction
- Network, End-node and Application Response
- Identification and Eradication of Malicious Code
- Staff Augmentation to support the Organization’s Response Team
- Reverse Malware/Virus Analysis
- Digital Surveillance, Tracking, Auditing and Logging
- Memory Acquisition, Extraction, and Analysis
- Anomaly-Based and Timeline Analysis