Guidance Software
Incident Response Services
Incident_Response_Services_Title.gif

 

Security breaches, data theft and directed attacks are on the rise. Quick containment of an attack and triage of affected machines is crucial, as analysis of volatile data can make or break a case. Guidance Software can help.

We are able to customize our EnCase technology to meet your unique incident handling needs. With the power of EnCase Enterprise’s network-enabled forensics, PSD personnel can effectively handle large-scale investigations, scanning hundreds of machines simultaneously to zero in on the origin of the incident, diagnose and remediate quickly and accurately.
  • Incident Response Investigations: scan your network for signs of compromise, malicious code, rootkits, IRC bots and Trojans, while forensically preserving the evidence.
  • Malware Analysis (Behavioral and Code Analysis): detailed analysis of malicious files (hacker tools, viruses, Trojans) to determine their commands and capabilities, the scope of the attack and propagation, payloads, exploits, etc.
  • Remediation of Affected Machines: effectively remediate machines that may have been compromised, extending to registry keys, running processes and files..
We also offer packaged services to proactively scan your network for threats or policy violations.
  • Confidential Data Audit: scan your network to locate any personally identifiable information (PII) or confidential data leakage, then remediate, if you so choose .
  • Compromise Assessment: locate all executables on your network, identify both the known bad and unknown, then restore your network to the desired configuration.
  •  
  •  
  •  

  •  
  •  
"Because of Guidance Software and EnCase Enterprise, we were able to uncover hidden computer misconduct by a former executive of our client. This electronic evidence gave us a significant strategic advantage in the litigation."
Thomas G. Mackey,
Partner, Jackson Lewis
For More Information Contact Me