Skip to main content
DriveByte +49 941 38107840

Digital Forensics & eDiscovery

IT security is a complex topic that involves procedures that require explanation. In order to explain our services to you in a comprehensible way, we have put them into an everyday context. The protagonists are our cellar keepers Maximilian and Amir.

"Maximilian is an early riser and usually the first one in the office. That was also the case on this Tuesday morning. As usual, he unlocks the office doors, turns on the lights and switches on the coffee machine. That's when he sees it - destroyed PC screens, loose paper scattered on the floor and randomly opened drawers all over the room. Shocked, but cool, Maximilian reels off the program he usually only watches on Sunday nights during CSI."

Identification

What happend?

Maximilian inspects the crime scene to get an initial picture of the incident. We also get an overview of what might have happened and take care not to cover up any traces.

Preservation

Don't touch that!

Next, Maximilian secures all the evidence he can find. If an incident has been detected in your premises, our experts secure all relevant evidence without altering the original condition.

Analysis

Heureka, or something.

ionicons-v5-m

Like our protagonist Maximilian, we now analyze the evidence we have gathered and formulate hypotheses. How and where did it happen? Who is responsible for the incident and why did it happen?

Documentation & Presentation

I solemnly swear!

ionicons-v5-i

Pictures, fact sheets - Maximilian has often seen the bulletin boards on TV and starts documenting. You will receive a detailed documentation including recommended actions as a follow-up to each forensic investigation.

Service configuration? A quote? Contact us!

Get in Touch

Technical Approach

 

In case of security incidents involving criminal activities, e.g. nefarious content, or standard audit activities, an experienced and certified Defensive Expert is able to provide the necessary digital forensics services including all the methodical and proven steps by the Federal Office for Information Security (BSI, Bundesamt fürSicherheit in der Informationstechnik).

ionicons-v5-i

Data Acquisition

Acquiring any data linked to a specific audit or incident is an integral part of the forensic investigation, ensuring that no altering or mistreatment of digital evidence occurs.

Data Examination

After acquiring all digital evidence, the data is examined, and interesting artifacts are flagged.

Data Analysis

During the analysis phase, the Defensive Expert will analyze the flagged artifacts and digital evidence provided to create a timeline of events and answer the relevant questions, e.g. who, what, when, and how.

Documentation

The most important step during any forensic investigation is the documentation phase. For any digital evidence to be admissive to a court of law and withstand official examination, a rigorous documentation must be provided showing all steps taken from acquisition to analysis