Planning and preparationIdentification, reconstruction and analysis of cyber attacks
Cyberangriffe zielen heute längst nicht mehr nur auf große Unternehmen ab, sondern treffen regelmäßig auch kleine und mittelständische Unternehmen. Nach einem solchen Angriff ist es oft schwer festzustellen, wie die Angreifer in das System eingedrungen sind, welcher Schaden verursacht wurde und ob diese sich weiter im Netz fortbewegen konnten.
The goal of IT forensics (or computer forensics) is to identify, reconstruct and document these criminal acts. Fortunately, attackers usually leave behind traces, in the form of so-called Indicators of Compromise (IoCs). This forensic data shows clues to the attacker’s actions and methods, thereby enabling reconstruction of the incident.
A forensic analysis begins with the preservation of evidence on the affected systems: Copies of the relevant devices or data ensure a reproducible forensic analysis. We then examine the available systems and data to reconstruct the attacker’s actions. In this way, we help you to recognize the damage that has been done, to identify possible remaining shells or backdoors, and thus to prevent further damage. In doing so, complete documentation and the observance of absolute discretion are our top priority.
To prevent renewed intrusion by attackers, regular penetration tests of critical systems are indispensable so that vulnerabilities can be detected and closed at an early stage. We are also glad to support you in the planning phase and work with you to design secure applications and IT systems.
Our Services:
- Reconstruction of attacks
- Analysis of log files, user data and recorded network traffic
- Data recovery after ransomware and malware attacks
- Preservation of evidence
- Traceable documentation of the forensic analysis