What is Digital Forensics?

What is Digital Forensics?

Digital forensics is the art of examining digital evidence, gathered from different kinds of IT systems, and it also includes recovery and investigation of cybercrimes, by looking through materials found in digital devices and IT environments. When a cyber security incident has occurred, it is necessary to determine the root cause of the incident. Digital forensics includes for example file-system analysis, log-event examination, and network forensics. Digital forensics is also used in intellectual property theft, industrial espionage, employment disputes and fraud investigations.

The ultimate goal is to create an easy-to-understand timeline and classification of events. For our Incident Response Customers, the outcome is an extensive report, underlining the root cause of the incident, the threat-actors motivation, and end goal. With digital forensics, you get an extraction and documentation of all computer evidence that can be used in the court of law.

What steps are included in the forensic investigation?

The NetNordic Cyber Forensic Team has created its own tools, to enhance the investigation. The work process includes the collection of evidence, identification, classification and analysis. Remediation actions are done during the incident response process, and further recommendations are presented to the customer to harden their cyber security posture. Lastly, we document and report everything that we have found and review it together with the customer.

Security Experts & Incident Response Team

Cyber security specialists are in a key role in securing information systems. Their work is to protect systems from cyber security risks, threats, and vulnerabilities.