Incident Analysis
Even when taking the proper steps to defend your networks, breaches can still occur. After detecting an attack, containing it, and cleaning up the aftermath there are often many questions to be answered.
What (if anything) was taken? Where did the attack originate? Were we specifically targeted?
504ENSICS security analysts have the skills required to perform thorough investigations of compromises, including artifacts on hard drives, in memory, and in network captures. Using these skills, we can often provide answers that can go a long way towards helping fend off future attacks, or be provided to law enforcement to aid in the pursuit of the attackers.
- Post-incident image acquisition of compromised assets
- Attempt to determine date, method, origin and extent of breach
- Discover what may have been exfiltrated
- Suggest remediation steps
Contact us about how we can help you protect your network and prevent future attacks.