If you need eligible evidence for the court, we can help you

Some incident response activities are inconsistent with the principles and concepts of forensic investigation. You want to prosecute criminals for illegal acts perpetrated on your IT systems, and then it requires computer evidence that will be admissible in court. The collection and preservation of the integrity of such evidence is essential and requires high level skills, as well as sophisticated techniques and tools.

At CAPTOSEC, we have forensics specialists and tools to meet that need. They are able to extract relevant information from received media and files such as RAM, network traffic, disk image, and so on.

In order to collect and preserve the integrity of the electronic evidence that may be admissible in progress, our specialists carry out the following activities:

+Identifying, retrieving and exploiting elements needed to collect evidence (RAM, disk image, pcap files, etc.)

+ Extracting artifacts and protecting integrity

+ Analyzing DOS, Apple, and GPT partitions; BSD disk labels; and Sun Volume Table of Contents using key concepts, data structures, and specific techniques

+ Analyzing extracted evidence

+ Finding evidence: file meta-data, recovery of deleted files, data hiding locations, and more

+ Establishing chronology and event history

+Providing digital evidence in support of a civil or criminal record

+ Identifying hidden data on a disk’s Host Protected Area (HPA)

+ Reading source data: direct versus BIOS access, dead versus live acquisition, error handling, and more

+ Analyzing the contents of multiple disk volumes such as RAID and disk spanning

+ Analyzing FAT, NTFS, Ext2, Ext3, UFS1, and UFS2 file systems using key concepts, data structures, and specific techniques

+ Writing expertise report

+ The Sleuth Kit (TSK), Autopsy Forensic Browser, and related open source tools

+ Recovering Deleted Registry Hives

+ Recovering Data

+ Memory analysis

+ Full packet capture

+ Registry analysis

+ File system analysis

+ Relevant digital evidence 

+ Forensics report

+ Recommendations for mitigation

+ Recovered data

+ Eligible digital evidence in Court

+ Our actionable forensic reports allow you to adjust you security controls to prevent future attacks

+ Your lost data are recovered

Why People Trust us ?

Client's Experience Counts

CAPTOSEC takes the needs and requirements of its customers to heart.

We Love Quality

CAPTOSEC relies on a holistic quality assurance process that helps enhance the deliverables and meet the clients’s satisfaction.

Our Motivated Team Uses Right Tools

By using right tools combined with good processes, CAPTOSEC meets the stakeholders’s expectations.

We Always Deliver On Time

CAPTOSEC’s Security Professionals listen and collaborate with clients throughout all phases of projects.

Our Security Professionals Are All Certified

In addition to their experience and skills, Security Professionals from CAPTOSEC hold Industry certifications such as CISSP, CASP, C|EH, CISM, CISA, Security+, CCIE, RHCA, PMP, ECIH.

Other Expertise from CAPTOSEC

Design, development and improvement of information security processes

Development & enhancement of security policies, orientations, and guidelines

Threats modelling, Risks analysis and Recommendations

Quality Assurance of Deliverables in Information Security

Advice, Training & Awareness on information security

Design and Development of Security tools such as Template, Scripts, and Forms

Security audit & Assessment of Networks, Systems, Applications & Data

Assist the customers in their software and hardware acquisition processes

Penetration testing of Applications, Networks & Systems

Design & Assessment of Business continuity and Disaster Recovery Plans

Protection of Networks, Systems & Security Devices

Intrusion Detection & Forensic Investigation

Projects security support

Our Methodology

We understand the needs and context of the client

We validate with the client, the scope and deliverables

We collaborate throughout the project phases

We rely on standards, best practices & QA