Our service ensures you are prepared for the worst.
After a security breach, logs are gathered to understand what happened and to serve as evidence for prosecuting the attacker(s). All too often, the logs gathered by default are inadequate, lacking in detail, or missing altogether.
Our Forensic Readiness Review ensures that an organization is collecting sufficient logs and storing them in a forensically sound manner. This enables a thorough investigation of an incident and, if necessary, prosecution of the attackers in a court of law.
By default, most organizations do collect some logs from their network devices and various operating systems. However, most neither manage those logs nor consider the “audit policy”, which defines which events are recorded.
We start by conducting a Forensic Readiness Review workshop, where we exercise some breach use cases to test the effectiveness of the available logs. We then perform a gap analysis and, where necessary, suggest changes to increase forensic readiness.