Solutions
Goaco deliver Digital Forensics and Incident Response services to a broad range of our clients. Whether integrated with our Managed Security Services or as a standalone deliverable, the Goaco team are available 24/7 to engage in the event of a suspected incident.
Goaco’s team of consultants are on hand to investigate and provide remediation activities to support your organisation.
Focuses on addressing and mitigating security incidents.
Enables the identification and confirmation of false positives.
Provides the ability and guidance to allow for detection containment, eradication, recovery and lessons learned.
Collection, Analysis and preservation of digital evidence.
Reviews and examines systems, network devices and networks to uncover evidence of cyber issues or security incidents.
Detailed analysis of digital artifacts, evidence and indicators of compromise.
The key steps in DFIR are as below:
Recognising and confirming security incidents.
Preventing the incident from spreading.
Removing and blocking the threat from returning.
Restoring affected and sometimes infected systems and technologies.
Review and analysis of the incidents to identify best practice for future improvements and to update protection against incidents.
DFIR Practitioners use a variety of tools for forensic analysis and incident response.
Tools may include: Network forensics tools, memory analysis tools and Endpoint Detection and Response solutions (EDR).
In depth examination of digital evidence to reconstruct events and determine the extent of a security incident.
Involves Files System Analysis, Memory Analysis and Network Traffic Analysis.
A structured and systematic approach to enable the effective management of an incident through active communication and collaboration amongst incident responders.
Adherence to legal and ethical guidelines in collecting and handling digital evidence.
Requirement to record the correct documentation in case of potential legal proceedings.
Post incident reviews are required to improve the organisational security posture.
Review and update to incident response plans, policies and playbooks.
Start your transformation today by speaking to one of our consultants