Home   >   Services   >   IT-Security / Cyber Security   >   Digital forensics

Digital forensics

Digital forensics refers to the “process of uncovering and interpreting electronic data”. The main goal of this process is to “preserve any evidence in its most original form while conducting a structured investigation by collecting, identifying and validating the digital information for the purpose of reconstructing previous events”.

Digital forensics is very similar to criminal forensics. Likewise, investigations are conducted after a criminal act has taken place. Instead of a victim or a crime scene, however, computers, servers, technical rooms or even smartphones are examined. The purpose is to find out how the perpetrators penetrated the target system, what information/files were searched for and whether files were stolen and, possibly, new ones added (malware, logs, illegal content…). Another aim is to find out whether any traces of the attack have been removed or whether digital fingerprints can be found.

Approach

The forensic examination includes:

  • Secure extraction of data from unlocked, locked, damaged or destroyed devices
  • Investigation of suspicious data to determine details such as origin and content
  • Ensuring data integrity during an investigation
  • Application of laws to digital device practices

Service overview:

  • Digital investigation / incident response
  • Analysis of possible evidence data (images, text, tables, databases, audio files, video files, e-mails, websites, programmes…)
  • Reverse engineering
  • Mobile device forensics
  • E-mail forensics
  • Network/cloud forensics
  • Social media forensics
  • Finding hidden files (stegoanalysis, hidden partitions, file end changes, bit shifting, encryption, password protection)
  • Data recovery (deleted files, file fragments, new files)