Digital Forensics

Coalfire’s digital forensics group provides services aimed at obtaining, preserving, and examining digital evidence. Our forensic analysts can provide information surrounding details of a security incident and can piece together specific events to provide a greater understanding of when an event occurred, who was involved, and what data was affected. 

ForensicsHave you been effected by a security breach? Is your client involved in litigation which involves digital evidence? Do you need a health check of a system to ensure its integrity remains intact? Coalfire’s digital forensics group can help.

Coalfire provides services for organizations investigating a security incident and post-containment stages of data breaches. Those services include:

  • Breach Response Analysis - Indicators of compromise, incident timeline, network connection and user account information, malware and vulnerability information.
  • Cellular and mobile device investigations – Capturing system images of mobile devices for forensic analysis, keyword and pattern searches as well as PII or credit card data.  
  • Employee Misuse and Misconduct Investigations - Coalfire’s misuse investigations focus on review of system users who have been accused of violating an organization’s policies and acceptable use procedures.
  • Indicator of Compromise (IOC) Check – Coalfire can evaluate your system for indicators of compromise including malware on disk or in memory.
  • RapidCheck – this is our IOC Check tailored to Point of Sale (POS) systems. Checks for compromise and credit card exposure on POS terminals.