What is it?


Ransomwares, trojan horses, phishings and CEO scams are some of the main threats that constantly affect organizations around the world. Having specialized personnel is crucial to contain in time and form the potential incidents to which the companies are exposed, and take the necessary security measures so that they do not happen again.

Approach


At Zerolynx we are experts in Digital Forensics & Incident Response (DFIR). We have certified personnel and judicial experts that will allow you to respond to current threats.

Our Digital Forensic Analysis service will allow you to answer questions such as: what has happened?, how was it possible?, when did it happen? or why has it happened? In this service, our forensic experts will analyze your hard drives, smartphones, jobs, servers and other electronic assets, in order to determine the events that occurred during a cybersecurity incident. These processes are carried out under the necessary legal guarantees, by lifting the chain of custody and with the possibility of carrying out forensic work in the presence of a notary.

Our Incident Response service will provide technical support in the evaluation and containment of security incidents that may occur, such as malwares, identity theft, phishings, scams, denials of service, loss of backup copies or damages. of hard drives, among others. Our expert staff will help you to contain the problem and take the necessary measures to restore the service. To do this, our team will be present in their facilities and accompany their IT staff to stop the incidence of the incident, taking the measures that are necessary depending on the type of threat. Next, they will try to identify the root problem, and will define a series of recommendations to alleviate the problem and prevent it from happening again.

Methodology


The work of acquisition of evidence and subsequent forensic analysis carried out during our DFIR services, are made based on the Spanish standard 'UNE 71506: Methodology for the forensic analysis of electronic evidence', published, in its first version, in July 2013 by the Spanish Association for Standardization and Certification (AENOR).

Deliverables


During the processes of digital forensic analysis, an expert forensic report is presented with complete details on the action taken, according to the guidelines set out in the standard 'PNE 197001: General criteria for the preparation of reports and expert opinions', published in March 2011 by AENOR. This expert report can be presented with full validity in a possible trial, and will be ratified by our experts in court.

On the other hand, at the end of the response to an incident, an action report will be delivered, detailing the problem that has been identified, a timeline of the event (whose data will be extracted from the recovered logs), the actions that have been taken out to contain the incident, and the recommendations to follow so that it does not happen again.