digital forensics investigation services
Digital forensics is the use of scientifically derived and proven methods for the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence. This evidence can be extracted from many digital sources such as CD/DVDs, hard drives, flash drives, memory sticks, and magnetic tapes, etc.
Digital forensics serves as a supporting proof or corroborating evidence often made by prosecutors and defendants to refute a claim that a certain activity was done by a specific person using a piece of digital equipment. The most common use is to recover erased digital evidence to support or disprove a claim in court of law or in civil proceedings such as the eDiscovery process in courts. Forensics is also used during internal corporate investigations or intrusion investigation which includes additional activities like network and log review
how certcube helps you in
Certcube Labs has done extensive projects in digital forensics and has a dedicated team for carrying out these various activities. We have co-operated with law enforcement authorities in helping them getting leads in the forensics investigations and also played a vital part in internal corporate
investigations for many of our clients. Our work ethics and quality deliverables have won accolades from many of our clients and their testimonials are strongest testimony to our professional and quality work deliverables. A representative list of some of the projects we have done are:
- Analysis of dozens of hard drives and correlating them with financial documents to build a water-tight case of tax evasion, FEMA violations, disproportionate assets, etc. against the accused who was arrested on other grave charges. The evidence and reports provided by us enabled regulatory agencies to pursue multiple independent cases against the accused and law enforcement was able to file a 5000-page charge-sheet
- Analysis of server logs to determine a breach in one of the country’s main telecom firms done by Pakistani hackers prior to Independence day. Complete details of the steps taken by the hacker and the malware uploaded onto the servers was provided along with detailed recommendations on how to ensure such an event doesn’t occur in the future
- Disk-based analysis to retrieve deleted files, email correspondence and Internet browsing history of the suspect and determine the exact nature of the financial fraud as well as determine the list of accomplices.
- Analysis of smartphones and tablets to retrieve BB Messenger, WhatsApp, and SMS communication
- Empaneled by a multi-national bank for all forensic cases in the Asia-Pacific region
we offer multipe type of digital forensics services
At Certcube, we have a full-fledged team and a well-equipped lab to carry out the following types of digital forensics:
- Computer forensics
- Reveal the current state of computer system
- Obtain evidence from various storage medium such as computers, embedded systems, USB pen drives
- Examine system logs and Internet history.
- Some of the artefacts we can get from such investigations include:
- Hidden, deleted, temporary and password-protected files
- Sensitive documents and spreadsheets
- File transfer logs
- Text communication logs
- Internet browsing history
- Pictures, graphics, videos and music
- Checking Event logs and System Logs
- Checking Illicit, pirated or legitimate software installations
- Mobile device forensics
- Recover digital evidence from a mobile device.
- Investigate call logs and text messages (SMS/Email)
- Providing location information via GPS or cell site logs
- Investigate communication stores such as BBM, WhatsApp, WeChat, etc.
- Artefacts that can be retrieved are:
- Phone number and service provider information
- Incoming and outgoing call logs
- SMS, Emails, IRC chat logs
- Contact details from address books and calendars
- GPS and location based data
- Network forensics
- Monitor and analyze LAN/WAN/internet traffic (even at the packet level)
- Retrieve and analyze logs from a wide variety of sources
- Determine the extent of intrusion and the amount of data retrieved
- Forensic data analysis
- Investigation for financial frauds
- Correlating with financial documents
- Working closely with Certified Fraud Examiners
- Database forensics
- Forensic study of databases and their metadata.
- Investigation on database contents, log files and in-RAM dat
First Response , Search and Seizure
Evidence Collection and securing the devices
data acquisition and analysis
evidence assessment and detailed case study preparation
documentation , reporting and expert witness testimony
What We Offer
Enterprise digital foresnciss investigations
Having Enterprise Forensic platforms managed by your company’s support teams will help provide strong value towards on-going evaluation and investigation planning activities. Enterprise Forensic platform solutions help provide end-to-end post analysis data which gives support departments the ability to identify evidence that can be pursued or sent to legal authorities to manage.
civil digital forensics investigations
Civil litigation is an integral part of the justice system and digital evidence has consistently proved its value, although procedures within civil cases differ somewhat from those in criminal cases. Data collection, imaging and the presentation of the evidence can be considerably different, with the consequences of the case ultimately having very different outlooks.
Firstly, in the traditional manner, the civil aspect covers an array of violations outside of the criminal spectre, namely ‘white-collar crimes’. These typically cover a variety of crimes committed through deceit and are motivated by financial gain, including fraud, bribery, tax evasion, intellectual property theft, computer misuse and commercial disputes. The losing parties within such disputes often must give payment, property or services to the prevailing party as imprisonment is not at issue within civil cases.
Within civil litigation, there also tends to be a lot of negotiation over what digital evidence, computers and data can be inspected, as well as where and when. It is common for one party to have access to a limited area of data from the other party’s computer. During this time, a defendant may take the opportunity to attempt to hide or destroy data, which is where a computer forensic expert can come into play, employing specialist techniques to recover the ‘lost’ data. This deleted data and in itself, the act of deleting the data can be used as further evidence within an expert witness testimony. However, a missed item of digital evidence can be the difference between a substantial jury verdict and the dismissal of a case.
Any litigation matter that involves digital evidence, whether located in a computer, laptop, tablet, smartphone, portable drive, or any other device is open territory for eDiscovery. In a civil case, the initial process of eDiscovery (electronic discovery) may be to find enough relevant data to show a party whether they are likely to prevail if the case goes to court.
Another aspect of utilizing digital forensic experts within civil litigation is in the case of a family matter or divorce. If an individual has illegally obtained access to their partner’s email or social media account then a computer forensics expert can examine the digital evidence, some of which may have been removed or deleted.