list of services

ACQUISITION & PRESERVATION SERVICES

  • Live data acquisition (on- and off-site)

  • Remote data acquisition

  • Forensic imaging

  • De-duplication Electronically Stored Information (ESI) for discovery

  • Interact with government forensic examiners for clients adverse to the government in litigation

  • Interviews with key individuals to identify relevant data sources

MATTER SIZES WE WORK WITH

  • Single file to complex corporate IT environments with Petabytes of data

  • Single witness interviews to 50+

  • Single custodian collection to 200+

  • Single search term to 5,000+ 

EVIDENCE SOURCES

  • End User - laptops, desktops, tablets, USB drives, cellular devices

  • Network - email, file, print, and voicemail server, tape backups, cell phone towers/call detail records, syslog

  • Cloud - cloud storage, cloud emails, social media, website

  • Media - pole camera, cellular phones, video camera, photographic camera, digital voice recordings 

CASE TYPES

  • Intellectual Property Theft

  • Breach of Contract

  • Breach of Fiduciary Duty

  • Wrongful Termination

  • Regulatory Compliance

  • Embezzlement

  • Data Breach

  • Insider Trading

  • M&A Due Diligence

  • Receivership

  • Professional Malpractice

  • Workplace Investigations

  • Criminal Matters

  • Money Laundering

  • HIPAA

  • ITAR

  • FCPA

  • Extortion

  • Terrorism

  • Probate Fraud

  • SCA - Service Contract Act

  • CFAA - Computer Fraud and Abuse Act

  • Malware/Ransomware

qUESTIONS ANSWERED BY dIGITAL FORENSICS

  • What USB devices were connected to a computer?

  • What deleted data may be recovered from a device?

  • What cloud based storage and data transfer sites have been accessed (Dropbox, Onedrive, etc)?

  • Which users accessed particular data?

  • Who leaked confidential information to outside parties?

  • Whether an attack compromised private data (including credit card numbers), and to what extent?

  • Whether an email has been opened, modified, or deleted?

  • Whether a user has tampered with or erased data?

  • Whether an employee has used company resources to browse contraband?

  • Where a data security breach originated?