Varnost
Digital forensics
Digital forensics is a procedure to collect and analyze digital evidence from storage media. The aim is to reconstruct past events and/or recover lost or hidden content. Understanding of the methodology and tools is cruicial for succesful investigation. The evidence has to be handled in such a way it’s integrity doesn’t get damaged. The procedures taken have to be toroughly documented and repeatable. A comprehensive report as the final deliverable is one of the integral part of an investigation.
Who are the users of digital forensics
- Law enforcement organisations dealing with potential criminal activity
- Organizations, following a security breach, trying to find out the background and the level of compromise of the breach
- Parties in legal processes in need of digital evidence
- Someone that has lost crucial data in an operational or system error and would like to recover it
References
Penetration testing and security audits
Pen testing and security audits have a lot in common. A security audit can be just on configuration/standards/procedures/compliance level or a full technical security audit. In a technical audit a lot of the tools needed are the same as in penetration testing, but usually the exploatation phase (exploiting the vulnerability) is omitted, whereas in pen test it’s usually executed (depending on the rules of engagement).
References
- Certified BS7799-2 internal auditor
- Completed SANS Auditing Networks, Perimeters & Systems
- Completed SANS Network Penetration Testing and Ethical Hacking
Incident response
In case of a potential security incident it is crucial to respond to it according to the organization’s incident response policy and in a way that doesn’t destroy any evidence (or at least minimizes it). Often organizations start thinking about that after an incident has already occurred. Nevertheless, even without an IR policy, a skilled professional can ensure that the event is dealt with in the most appropriate way..
References
- Completed SANS Intrusion Detection In-Depth
- GIAC certified system forensic analyst – GCFA
- Completed SANS Auditing Networks, Perimeters & Systems
Firewalls and IDS
Though there are many types and brands of firewalls, their basic principles are the same. We focus primarily on Juniper Netscreen family of firewalls, though we have experience also in various other products. We can also analyze and audit your ruleset or make a security assessment. We also support Snort IDS systems.
References
- Completed SANS Network Penetration Testing and Ethical Hacking
- Completed SANS Intrusion Detection In-Depth
- Completed SANS Auditing Networks, Perimeters & Systems
- extensive experience with Juniper Netscreen (ScreenOS) systems