PROTEQME’s Digital Forensic and Incident Response (DFIR) service work directly with organizations to investigate and respond to cyber attacks on their network. A DFIR capability is becoming an increasingly important component for organizations seeking to maintain business continuity in the digital era. Crucially, DFIR processes contain incidents as quickly as possible and prevent a cyber attack from becoming a cyber crisis.
PROTEQME’s DFIR service combines technical and strategic advice to ensure all aspects of a cyber attack are managed effectively. Our approach combines a variety of processes, including identifying an initial attack vector, determining the extent of any compromise, understanding the attacker’s methods and motivations, and developing an action plan to remediate. As well as implementing immediate steps to mitigate an attack, our team of consultants will also provide a report after the event to ensure appropriate steps are taken to mitigate future attacks. We also host tabletop exercises to enable organizations to prepare for potential future attacks.
Digital forensics is used to perform a systematic investigation while documenting the chain of evidence. Our method replicates the step-by-step actions of an attacker.
We conduct an in-depth assessment of any suspicious activity and carry out an investigative analysis of computers, mobile devices, networks, memory drives, databases, logs, files, etc. This allows organizations to fully grasp cyber incidents on their network and provides insight that can be fed into their long-term information security strategy.