Incident Response

 

 

 
Incident Response Service

We are trained and experienced in handling security incidents.

Learning how to deal with security incidents is best done in the classroom or in the apprenticeship of experienced incident response professionals. A crisis or ongoing assault is the worst place for inexperienced personnel to intervene.  If you are dealing with experienced perpetrators, the actions of inexperienced responding IT personnel are usually anticipated. To make matters worse, often these personnel unintentionally spring traps that were placed by the hackers waiting for these specific actions.

eVestigations Inc. has helped numerous companies deal with severe persistent attacks by establishing incident response procedures, deploying live forensic acquisition technology, utilizing sound investigation methodology and working hand-in-hand with the IT staff. We have tracked perpetrators around the globe, and at the request of our clients’ counsel delivered completely developed and documented cases to law enforcement, greatly accelerating the apprehension and prosecution timeline.

Incident Response Tip
Professional incident response personnel only use “trusted code” to respond to incidents. Programs used to analyze or respond to an incident are stored on safe verifiable read-only media. This minimizes the chances of execution of a common utility that the hacker intentionally replaced with a destructive program.

Five Incident Response Mistakes
1. No response plan
2. Failure to increase monitoring and preserve logs
3. Failure to treat logs, data, and observations to legal evidentiary standards
4. Restoring compromised systems to the same level of protection
5. Failure to post-mortem
 

©Copyright 2005, eVestigations Inc., All Rights Reserved  //   eVestigations® is a registered service mark owned by eVestigations Inc.
eVestigations Inc. // Swedesford Corporate Center // 647 Swedesford Rd. // Frazer, PA. 19355 // (484) 527-6000

WEB SITE TERMS OF USE