Incident Response and Investigation

Think Security understands that our clients face many different types of computer forensic matters. To help them address these potential challenges, our Incident Response and Cyber Forensics practice offers a full range of services across the forensic, discovery, and investigative life-cycles.

Frequently, organizations discover during attacks that they have dated investments in technology, an insufficient number of trained staff, and a response plan which has never been practiced. Further, managing incident response to ensure that the attackers are removed and the damage is assessed is also complicated by the maze of regulatory requirements and breach notification laws.

Think Security offers data collection services across a wide range of data sources and devices. Our teams use industry standard forensic software and hardware to improve drive acquisition speed, and multiple options for write blocking to help maintain the integrity of each collection. Our professionals follow industry standard chain of custody (CoC) guidelines. The collection methodologies and CoC documentation are designed to meet requirements for court acceptance.

Think Security Incident Response Services specializes in investigating intrusions and targeted attacks performed by advanced threat groups. Our consultants have extensive experience in network analysis, forensics, and malware analysis and use proprietary technology, creative investigative techniques and intelligence gathered during each investigation to improve our ability to identify the actions of the attacker, the scope of the breach, the data loss, and the steps required to remove the attacker’s access.