Cyber Forensics - Digital Mountain

Understanding the scope of a breach is vital for identifying how an intruder worked their way into a system, what data may have been accessed, and the business impact going forward.

One of the first tasks in a breach is to understand if the attack is still on-going. If the breach is still in progress, our experts are able to assist the organization’s IT with bringing the attack to a halt. Once it is determined that the breach is under control, our forensic experts are able to preserve the breached system’s storage, memory, and associated logs using evidentiary sound methods.

This enables digital investigators’ abilities to analyze the system and reverse engineer the entry point of the breach, thus helping protect the organization from future attacks. Log file analysis and memory analysis are just two of the many areas that need to be meticulously researched in order to find the ‘when’ and ‘where’ of a breach.

Other areas our experts are trained in include analysis of malware, spyware, trojans, and viruses. Finding any of these rogue pieces of software may answer the question of ‘how’ an attacker was able to gain access to the system. We provide expert witness services and downstream litigation support when needed.