We offer a range of forensic investigation services in the event of a security breach, designed to help companies uncover the complete story behind the breach and gathering evidence that may then be used in court if the organisation chooses to take legal action against any perpetrators.

In the past these investigations have involved detailed searches through web log files for evidence that a system compromise was instigated through a web interface; and searches for root kits, software that attackers install on a server to hide their presence and retain their point of entry. These investigations may reveal evidence of malicious or accidental activity, or of technical failures, such as misconfigured firewalls allowing over-permissive access to a server, for example.

Our consultants have many years' experience in the delicate and complex process of evidence gathering from compromised systems, in accordance with the ACPO (Association of Chief Police Officers) approved guidelines, breach of which could render technical evidence inadmissible. We are also able to advise clients on how best to prevent a security breach turning into a public relations disaster.