First we shall collect volatile data and other critical artifacts from your system using forensic tools that have an ability to connect to your system without modifying any timestamps.
Next we shall gather external intelligence based on identified indicators of compromise (IOC). Then we shall identify the potential infection or type of malware in your system.
After the above, we shall safeguard your system and collect the appropriate logs. It is important to view the story at both the network and at the endpoint level.
Next we shall clean your system and make sure that the intruder cannot penetrate your system any more. During the cleaning operation, your system will be temporarily down and we shall assist you when informing your stakeholders about damages and other consequences.
Finally, we shall tell you how to avoid security breaches in the future and how to make your information system compatible with the ISO27001 standard and EU’s GDPR legislation.