Forensic Investigation

In the aftermath of a cyber incident, it is essential to immediately isolate the impacted systems and identify the hosts involved. Kivu has developed a proprietary forensic methodology that allows specific identification of the affected systems, rapid and thorough forensic analysis, and a protocol to assist clients in remediating their networks.

The Kivu Digital Forensic Lifecycle considers forensic analysis as a business process in which the forensic examination enables our clients to build a stronger infrastructure for detecting and avoiding new threats.

Kivu’s digital forensic analysis provides a detailed account of digital evidence, including a timeline for the event on the host, which results in actionable indicators that can be used by our intrusion detection analysts to identify other compromised hosts throughout the enterprise. Kivu’s experts use established computer forensics techniques, intrusion analysis, and malicious code analysis capabilities to thoroughly assess the system and methods used for the incident.

Kivu is unique in understanding the legal implications of an intrusion, and can advise our clients on the technical and practical challenges of digital forensics. Our team of professionals has testified as expert witnesses throughout North America and Europe. Our professionals are experienced in the forensic analysis and extraction of data from all Windows, MAC and Linux operating systems, all commercial mail clients and servers, and all commonly used mobile phone devices.

Our people, processes and advanced technology are discretely adapted to each client’s specific needs.