Digital forensics
Made in Germany.

ANALYSIS

Digital Analysis Services - Computer Emergency & Response Team (CERT)

At SECUINFRA, we have made it our mission to support companies in the areas of digital forensics and malware analysis. Use our services to combine the internal capacities you already have into a comprehensive, high-quality concept equipped to deal with every type of security incident.

Traditional areas of IT are mainly covered by internal technicians. For specialized areas of IT security, however, companies often lack the resources to support their own computer emergency response team (CERT)/security operations center (SOC) when necessary.

Digital forensics and malware analysis provide fundamental services for incident handling. They are brought to bear when the security solutions that are in place, such as classic perimeter-based or signature-based products, fail.

Due to the ever-increasing quality and quantity of cyber attacks, and the involvement of inside perpetrators, companies find themselves up against situations like this more and more frequently.

SECUINFRA is happy to support your CERT/SOC so that you can react quickly and appropriately in every situation.

Why SECUINFRA?

Modular

Our entire service portfolio has a modular structure, meaning it is very flexible and can be adapted for virtually any customer requirement.

Hybrid

You decide how much service you need as well as where this should be carried out. We can investigate the secured digital evidence and malware samples within our Cyber Analysis Center or on your own premises.

Flexible

We offer you the maximum level of flexibility in order to adapt our services to your circumstances. This includes adapting to your processes and policies, for example.

Data protection

We provide our services on the basis of recognized standards and respect your internal policies and requirements.

Comprehensive care

We offer you support throughout the entire workflow. This also includes repair strategies or the analysis and optimization of existing processes.

Expertise

Digital forensics and malware analysis require a very extensive and deep knowledge of IT. Our team is made up of experts with many years of practical experience. Continual further training and certification are a matter of course for us.

Synergy

The various teams at SECUINFRA work closely together. Benefit from a fast reaction time to new threats or attack methods as well as a constant transfer of knowledge between our teams.

Digital forensics

Digital forensics encompasses the reconstruction of a sequence of events through securing, analyzing and assessing digital evidence. SECUINFRA offers the entire workflow for this as a service. You decide which areas of our portfolio you would like to use, and where the service should be conducted.

With an agent-based managed service, relevant information is continuously held available at your site, so that SECUINFRA can carry out initial analyses and secure the evidence remotely if required.

Our experts can also be deployed on your premises, permanently or on demand, if necessary. All our services are modular and can be tailored to your company:

  • Agent-based managed service and/or permanent or on-demand deployment of our experts on site
  • Isolation of the system and securing of evidence
  • Analysis of evidence for reconstructing the sequence of events
  • Documentation of evidence and presentation of results
  • Analysis/optimization of the processes and policies involved

In this process, various platforms ensure that the different challenges are met. SECUINFRA specializes in the fields of computer forensics (especially for Windows and Unix-like operating systems), mobile device forensics (with a focus on iOS and Android), and network forensics.

Malware analysis

The number of forms of malware with previously unknown signatures grows by several hundred thousand every day. As a result, the malware goes undiscovered by antivirus products, sometimes for very long periods of time, and systems are compromised.

SECUINFRA offers support for your company to enable you to respond quickly and effectively to cyber attacks based on malware.

The SECUINFRA portfolio includes two different types of malware services. Use the On Demand Malware Service and alert us when there is a need for analysis or repair by our experts. The Integrated Malware Service, on the other hand, supports you at the point of detection. Using an agent-based process, we identify malware on your computer systems, inform you at once of the analysis results, and support you with containment and repair. The process of identification here goes considerably beyond the capacities of a conventional antivirus product. This also enables previously unknown malware to be detected.

Threat intelligence

To give a cyber incident response team (CIRT) the possibility of reacting to an incident and containing the proliferation, an extensive analysis is necessary. SECUINFRA offers support for your CIRT to enable them to respond quickly and effectively to cyber attacks based on malware. You supply the malware and our malware analysts develop the best possible repair strategy together with you.

Customer examples

Customer A operates their own CERT. To supplement this, they also use the complete Digital Forensics Service of SECUINFRA. Through the use of a SIEM, the internal analysts identify an unauthorized login by a process user and subsequent data leakage on the laptop of a member of the executive board. Because of the critical nature of this, the incident manager decides to bring in the SECUINFRA Forensics Team. First of all, they run an initial analysis remotely and make some early findings. Following this, the sequence of events in the incident is reconstructed on site on the basis of the affected system and using the Full Packet Capture solution of the customer, creating evidence that can be used in court.

Due to a lack of internal resources, Customer B relies on the On Demand Malware Service of SECUINFRA. Through the use of an agent-based malware analysis solution, the experts at SECUINFRA detect a previously unknown process. This process is making write-access attempts to an unusually high number of local and non-local files from a customer system and encrypting them. Without delay, the customer is informed of a possible ransomware attack and given the results of the initial analysis. A joint decision is made to block the ransomware globally and to switch off the affected system after creating a memory image, in order to prevent further write-access attempts on the hard drive. As a result of the quick reaction time and the implemented strategy, the virus was prevented from spreading and the customer was able to retrieve the original data.