This service covers the retrieval of the elements allowing to constitute an investigation case, the analysis of the elements collected during an incident as well as the restitution of the facts and the analyses in the form of a report. This service can be associated with a service of incident response..
You will find below the steps constituting our digital forensic service:
- Context retrieval.
- Data ingestion in our tools.
- Data analysis.
- Restitution of a first preliminary report.
- Writing of the final investigation report.
- Restitution of the final report.
- Suspicious file writes/modifications.
- Persistence creations/modifications.
- Antivirus detections.
- Use/presence of attack tools.
- Exploitation of public vulnerabilities.
- Suspicious authentications or authentication attempts.
- Suspicious command executions.
- Process overuse.
- Suspicious web browsing.
- Suspicious cloud synchronization.
- Receiving suspicious emails.
- Device connections.
- Contacting suspicious IP/domains.
- Uploading large amounts of data.
- Unconventional data transfers.
- Suspicious incoming/outgoing traffic from a host.
- Suspicious connections.
- Traffic manipulation.
9:30 AM - 6:30 PM CET/CEST
monday - friday
🔑 COGICEO CSIRT PGP key
8031 61C4 3EAB F642
434E 6D2B D789 82A8 DF25 D2C7 8031 61C4 3EAB F642