Digital Forensics

Collect, preserve and analyze digital evidence for an enhanced understanding of security incidents

ForensicsAs cyber threats and attacks increase, many organizations lack the skills required to properly evaluate security incidents. Whether attacks came from an external source resulting in a data breach, or from a rogue employee who has compromised intellectual property (credit card data, health information, etc.), it’s vital that organizations have the right procedures in place to investigate incidents and take the necessary post-containment steps.

Coalfire’s digital forensics group can help your organization obtain, preserve, and examine digital evidence across a variety of systems. Our forensics analysts provide information surrounding details of security incidents and piece together specific events to provide a greater understanding of when an event occurred, who was involved, and what data was affected.

If you operate a law firm, digital evidence can be a challenge. We can help you better serve clients involved in litigation by supporting digital evidence and data collection and acquisition across IT systems, mobile devices, and social networks, as well as investigative analysis, expert testimony, and litigation consulting.

Our services include:

  • Breach Response Analysis – We provide indicators of compromise, incident timeline, network connection and user account information, malware and vulnerability information.

  • Cellular and Mobile Device Investigations – We capture system images of mobile devices for forensic analysis, keyword and pattern searches, and personally identifiable information (PII) or credit card data.  

  • Employee Misuse and Misconduct Investigations - Our misuse investigations focus on reviews of system users who have been accused of violating an organization’s policies and acceptable use procedures.

  • Indicator of Compromise (IOC) Check – We can evaluate your system for indicators of compromise, including malware on disk or in memory.

  • RapidCheck – Tailored to Point of Sale (POS) systems, this service checks for compromise and credit card exposure on POS terminals.

Why Choose Coalfire as Your Digital Evidence Partner

IT forensic investigation is a core service that requires unique skills. With years of experience in digital forensics, we can supplement your existing resources and help you collect, examine, maintain and interpret evidence effectively and efficiently.

Our expertise includes:

  • Digital Forensics Hands-on Experience: Our team consists of former federal law enforcement officers and government contractors specializing in cyber operations. For legal and operational reasons, technical skill and experience are invaluable. Our forensic experts are certified in numerous forensic certifications and industry leading tools. Our examiners have been recognized as experts in computer forensics in both state and federal courts.
  • Advanced Data Recovery Collection and Analysis Tools and Capabilities: Our specialists have the know-how to recover voice, video, image, and other metadata from mobile devices, even if deleted by the user. We can also conduct social media research and archiving to assist with civil prosecution and legal cases.
  • Regulatory Knowledge and Support: Our forensic team has expertise in supporting technical assessment requirements in adherence with Payment Card Industry (PCI) Data Security Standard (DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA), and more.