• Incident Response

  • We provide incident response consultation and services for ransomware incidents, breaches involving regulated and protected data, malware, phishing, business email compromise, cyber extortion, and cyber theft.

  • Ransomware

    We help organizations respond and recover from ransomware attacks involving complete take over and encryption of their systems. Many of the incidents we work have involved encryption of every system on the network resulting in a complete shutdown of the business. Understanding the type or ransomware, the attackers, and incident response approaches can significantly reduce your time to recovery.

  • Computer and Network Forensics

    During incident response it's often necessary to perform computer or network forensics. We also perform forensics in cases where deleted data needs to be recovered, or electronic evidence needs to be discovered. Our computer forensics services include computers, networks, mobile devices, and other removable storage devices.

  • Computer Crime Investigations

    We have trained private investigators on staff that handle computer crime and fraud investigations. Our investigative services include collecting forensic evidence, financial evidence, obtaining witness statements, and expert testimony.

  • Malware Removal

    It's no longer a good practice to remove malware from a computer and continue to use it without some investigation. Todays sophisticated malware can attack other systems, exfiltrate data, and move laterally across your network undetected. Todays malware incidents should include memory forensics to see how it entered the systems and what activities it's trying to perform. This process can stop a breach or further intrusion before it happens.

  • Phishing Attacks

    Phishing attacks are designed to trick you into downloading malware, opening an infected document, or logging into a fake web site to the attacker can steal your username and passwords for things like VPNs, banking sites, social media, and email. We help organizations determine the exposure from a phishing attack and help prevent future phishing attacks.

  • Business Email Compromise

    Business email compromise can result in you being the target of the victim of the attacker. When you are the target of the attacker, the attacker gains access to an email account for your organization and looks for data that can be used to access other systems, steal from your organization, or attack other organizations.

    When these victim organizations are attacked, it looks like it's a legitimate email from your organization and the goal might be to steal money from the victim organization, or if it's your bank, trick the bank into transferring money from your account outside the country. We help organizations recover email from both forms of business email compromise.

  • Hacked or Defaced Web Sites

    Hacked or defaced web sites are often one of the first signs there is an intruder has gained access to your network. The damage is usually greater than a defaced or hacked web site. There could be data being exfiltrated or a ransomware attack about to take place. Our forensic analysts can determine how the web site was compromised and track the attacker to see if they are still on the server or in your network.