Digital Forensic Investigation Service
Security Brigade Logo
Services | Products | Compliance | Training | Home | Clients | Contact Us
Menu
Services
Products
Training
Compliance
Whitepapers
Case-Studies
News
Media
Contact Us

Clients / Partners

Search
Digital Forensics Service               Request a Call Request a Brochure

Overview

Security Brigade provide the best of digital forensic services and help clients to catch the real culprit. We have got a digital forensic lab with the advance tools to carry out all the forensic investigation. Security Brigade personnel have a vast computer based knowledge, with in-depth, hands-on law enforcement based use of digital forensics. This experience, combined with the latest forensic tools, offers an edge to those needing to prove their case with confidence. Security Brigade utilizes sound digital forensic doctrine, both tested and validated by the forensic community. Security Brigade has built a rapport with numerous forensic, computer, and networking experts throughout the world within corporate, armed forces, and law enforcement sectors. This gives Security Brigade a unique advantage over forensic companies limited to the "private" sector.

You benefit from:

  • Digital / Cyber Forensics help with crimes carried out from and on computers.
  • Benefit from our proprietary methods and processes.
  • Easily identify criminals who have targeted your networks.
  • Industry-leading expertise, support and guidance from SB' security research and development team.
  • Gather evidence against criminals who carry out attacks from your networks.
  • Compliance with federal and state regulations that require security awareness training.
  • Acquire and maintain certifications to industry regulations (BS7799, HIPAA, OSSTMM, OWASP).

Features

Security Brigade's experience, combined with the latest forensic tools, offers an edge to those needing to prove their case with confidence. Security Brigade utilizes sound digital forensic doctrine, both tested and validated by the forensic community. Security Brigade has built a rapport with numerous forensic, computer, and networking experts throughout the world within corporate, armed forces, and law enforcement sectors. This gives Security Brigade a unique advantage over forensic companies limited to the "private" sector.

Key Features

  • Preservation of Evidence.
  • Data Recovery and Analysis.
  • Analysis of User Activity.
  • Recover password protected files.
  • Expert Reporting.
  • Computer crime scene investigation.
  • Recovery from compromised state to functional state based on incident response policy.
  • Incident Response policy development, audit and analysis.
  • Compromised machines detection and identification.
  • Forensics performed by SB security experts who have a background in forensic analysis and incident response.
  • Detailed report providing recommendations, evidence and detailed analysis.

 

Benefits

Nearly all "white collar" crimes today involve the computer either as a tool in enabling the crime or as a target of the crime. Digital forensics is the discovery, analysis, and reconstruction of evidence extracted from any element of computer systems, computer networks, computer media, and computer peripherals that allow investigators to solve the crime. In the battle against malicious hackers, digital forensic investigations are performed in support of various objectives, including timely cyber attack containment, perpetrator location and identification, damage mitigation, and recovery initiation in the case of a crippled, yet still functioning, network.

  • Gain from personalized customer guidance.
  • Swiftly recover from security incidents.
  • Recover your networks and minimize downtime after compromise.
  • Identifies specific risks to the organisation and provides detailed recommendations to mitigate them.
  • Prevents loss of customer’s confidential information.
  • Helps to achieve and maintain compliance with federal and state regulations.
  • Overcoming legal hassles due to failure of the application security.

Technical Information

Computer forensics deals with gathering evidence from computer media seized at the crime scene. Principle concerns with computer forensics involve imaging storage media, recovering deleted files, searching slack and free space, and preserving the collected information for litigation purposes. Network forensics gathers digital evidence that is distributed across large-scale, complex networks. Often this evidence is transient in nature and is not preserved within permanent storage media.

Network forensics deals primarily with in-depth analysis of computer network intrusion evidence, while current commercial intrusion analysis tools are inadequate to deal with today's networked, distributed environments. With the rise in number of crimes in the digital world, the need of digital forensics has been increased to catch the culprit. Corporate investigations and legal matters require the discovery of digital evidence created, stored, accessed, deleted or allegedly destroyed in different cases. Its not the matter of winning or loosing the case. Matter is to try best to catch the real culprit.

Compliance

Security Brigade's Forensic service can meet the requirements of many standards and guidelines in relation to information security. Our Forensics team has working knowledge of the following standards and attempt to exceedingly meet their requirements.

  • PCI
    The Payment Card Industry (PCI) Data Security Requirements were established in December 2004, and apply to all Members, merchants, and service providers that store, process or transmit cardholder data. As well as a requirement to comply with this standard, there is a requirement to independently prove verification.

  • ISACA
    ISACA was established in 1967 and has become a pace-setting global organisation for information governance, control, security and audit professionals. Its IS Auditing and IS Control standards are followed by practitioners worldwide and its research pinpoints professional issues challenging its constituents. CISA, the Certified Information Systems Auditor is ISACA's cornerstone certification. Since 1978, the CISA exam has measured excellence in the area of IS auditing, control and security and has grown to be globally recognized and adopted worldwide as a symbol of achievement.

  • CHECK
    The CESG IT Health Check scheme was instigated to ensure that sensitive government networks and those constituting the GSI (Government Secure Intranet) and CNI (Critical National Infrastructure) were secured and tested to a consistent high level. The methodology aims to identify known vulnerabilities in IT systems and networks which may compromise the confidentiality, integrity or availability of information held on that IT system. In the absence of other standards, CHECK has become the de-facto standard for penetration testing in the UK. This is mainly on account of its rigorous certification process. Whilst good it only concentrates on infrastructure testing and not application. However, open source methodologies such as the following are providing viable and comprehensive alternatives, without UK Government association. It must also be noted that CHECK consultants are only required when the assessment is for HMG or related parties, and meets the requirements above. If you want a CHECK test you will need to surrender your penetration testing results to CESG.

  • BS7799
    BS 7799 Part 1 was a standard originally published as BS 7799 by the British Standards Institute (BSI) in 1995. It was written by the United Kingdom Government's Department of Trade and Industry (DTI), and after several revisions, was eventually adopted by ISO as ISO/IEC 17799. ISO/IEC 17799 was most recently revised in June 2005 and was renamed to ISO/IEC 27002 in July 2007. The BS 7799-2 focused on how to implement an Information security management system (ISMS), referring to the information security management structure and controls identified in BS 7799-2, which later became ISO/IEC 27001. The 2002 version of BS 7799-2 introduced the Plan-Do-Check-Act (PDCA) (Deming quality assurance model), aligning it with quality standards such as ISO 9000. BS 7799 Part 2 was adopted by ISO as ISO/IEC 27001 in November 2005. BS7799 Part 3 was published in 2005, covering risk analysis and management. It aligns with ISO/IEC 27001.

  • HIPPA
    The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the U.S. Congress in 1996. Administrative Simplification (AS) provisions of HIPPA, require the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers. The AS provisions also address the security and privacy of health data. The standards are meant to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in the US health care system.

Copyright 2006 Security Brigade