When you are the victim of an attack or when it has already happened, it is, apart from stopping it, also important to see what has been affected, to know how it has been possible and to learn from it to improve processes in order to avoid them.
This exercise is called forensic analysis. Through such analysis, we try to reconstruct what happened, to capture evidence, to get information regarding the attacker and to learn from it.
A2SECURE has a specialized forensics team to develop this type of activity as agile and quickly as possible, because in these situations time is always plays against the victim of an attack.
“For eDreams, as low-cost flights leader, security is a key issue. That is why we work with A2SECURE.“
eDreams ODIGEO CTO
During or after a computer attack, it is important to have the ability to act, firstly in order to block it and secondly, and often more importantly, to learn from the attack as much as possible. It is also important to know what information has been compromised, how it was possible and if possible find the attacker and prosecute them. To this end, it is essential to conduct a forensic analysis.
Each attack is different and each situation has its own peculiarities. However, a forensic analysis is performed knowing how to extract as much information from the systems as possible. This is done by:
Then, after collecting available information and its analysis, it is possible to draw conclusions from what happened revealing the causes and all possible details of the attack and the attacker.
Forensics services are tailor-made projects for our clients. Thus, our work begins and ends where the client requires, either with:
The result of a forensics activity is the collection of all possible evidence and information related to an attack and to convert an incident into a learnt lesson that may result in improved security.
Of course, through a forensic analysis and depending on its results, it is possible to act legally against the attacker through evidence collected in a valid way in order to present said evidence before the court.
A2SECURE has a highly qualified team to develop Ethical Hacking/Pentesting activities supported by various international certifications. But our trademark is our vocation to make our clients understand our results.
A Pentesting activity is really useful when the client is able to understand what has been found, the risks it implies and how it has been possible to get there. The latter is the key point: knowing how a successful attack has been possible, understanding if it is necessary to implement additional control and change an internal process that is causing breaches. In short, taking advantage of the exercise transforming it into improvements for the company.