When computer systems get compromised, it is of paramount importantance to discover how it happened, what was modified, where are the backdoors, what was taken, and how can further compromises be prevented. This is where our Forensics Service comes in.
Forensics itself is the process of collecting, analyzing and presenting evidence. In the world of information systems it represents a procedure of collecting and analyzing data from computer systems, storage devices or networks. Unless strict forensic protocoles are observed, vital evidence may be destroyed.
In forensic science there is a distinction between persistent data and volatile data. Persistent data is data stored on a hard drive or some other medium and preserved when the computer is turned off. It is important to have the proper hardware and software equipment to deal with such situations and well trained personnel to do efficient forensic work.
Volatile data is data stored in system memory (RAM). Analyzing it is the most valuable pathway to discovery of the methods that malicious users used to penetrate your system. It is essential to react quickly and adequately and to know reliable ways to capture such data.
If you believe your systems have been compromised, contact us immediately for detailed analysis and clean-up of targeted systems.