Incident Response
Effectively manage your data breach response with a thorough examination of digital evidence and compromised systems for forensic artifacts of the threat actor’s actions and lateral movement. We also determine the scope of data exfiltration, including Social Security numbers, driver licenses, health records, and other sensitive data. Our team provides the expertise required to:
Stop additional data loss
Collect and preserve court admissible evidence
Perform digital forensics
Document and record the incident and the process
Assist law enforcement/regulators
Notify affected parties under your industry requirements
Fix vulnerabilities and implement measures to prevent further attacks
Plan ahead by ensuring you have the necessary expertise and 24/7 support required when a cyber incident hits. SecurityScorecard conducts a cyber readiness review to ensure both parties are ready to quickly take action.
Digital Forensics
To pursue legal action, it’s crucial to leverage a digital forensics team to diligently collect evidence and conduct a deep analysis to get to the bottom of the case.
SecurityScorecard’s digital forensics lab in New York City was established in collaboration with the FBI, Department of Homeland Security and US Secret Service. The lab can conduct analysis of advanced malware engineered by sophisticated state-sponsored attackers, reverse engineering, and sandbox testing services to analyze and dissect malware samples collected for incidents where keyloggers, ransomware programs, trojans, worms, botnets, command and control channels, are used by a threat actor.
SecurityScorecard’s Digital Forensics:
Court-Admissible Evidence
Ensure the availability and authenticity of data and information for law enforcement investigations. This process establishes a chain of custody and guarantees proper crime scene processing. The evidence provided by our team is always admissible in court.
Expert Witness
Our digital forensics experts have played a key role in a wide range of criminal cases involving a digital element, including organized cybercrime, online money laundering schemes, cyberstalking, data breach litigation, digital extortion, ransomware hacking incidents, DDoS attacks, and more.
Types of Forensic Services
Digital – Collecting and preserving artifacts gathered from compromised systems, recorded network communications, and digital evidence.
Mobile – Gathering information and data from mobile devices, which includes cell phone forensics, mobile device forensics, iPad forensics, and others. We also have expertise in capturing phone calls, various chat messages, images and video, and hidden stored artifacts. Geolocation GPS and EXIF metadata stored on mobile devices can provide significant forensics value.
Memory – Advanced threat actors use memory implants, which is a type of malware that resides and lives only in the memory of digital systems, to avoid leaving artifacts of compromise on the computer’s hard disk drive. Many nation-state attacks are leveraging memory malware and covert operations to avoid detection. Our Forensics Laboratory has developed a unique proprietary methodology to discover memory implants.
Network – Detecting malicious network traffic in intrusion detection systems and live network streams is dependent on communication protocols to decode and extract meaningful artifacts, metadata, and data. Network protocol forensics and automation of the process are done with MantOS, an operating system we developed, which provides a comprehensive collection of proprietary and public domain tools.
Digital forensics and incident response give you the tools to thwart digital adversaries.