Professional Services   

"Because of Guidance Software and EnCase Enterprise, we were able to uncover hidden computer misconduct by a former executive of our client. This electronic evidence gave us a significant strategic advantage in the litigation."
— Thomas G. Mackey, Partner, Jackson Lewis
CASE STUDY:
Incident Response with Guidance Software Professional Services
The client suspected that an intrusion had occurred on a Web server located within their network’s DMZ. They called a Big Four services firm to investigate the issue, this firm used EnCase Forensic as its tool. Because of the manual nature of EnCase Forensic, The firm focused on only 30 of the company’s 2000 servers. After three weeks of work nothing had been produced, and the client was told it would be impossible to learn how the hack had occurred or the true extent of the attack.

At that point, Guidance Software Professional Services were called in. We deployed our EnCase Enterprise agent to all 2,000 servers. Within two weeks, we understood how the hackers had gained access, what they had done and the number of machines compromised.

 
Skip Navigation Links
> products and servicesExpand > products and services
Skip Navigation Links
> companyExpand > company
Skip Navigation Links
> resourcesExpand > resources
Skip Navigation Links
> contact supportExpand > contact support
Skip Navigation Links
> support portal
  
Home > Services Home > Incident Response Services
Determine the Extent of a Compromise
or Where it can Happen Before it's too Late

We are able to customize our EnCase technology to meet your unique incident handling needs. With the power of EnCase Enterprise’s network-enabled forensics, PSD personnel can effectively handle large-scale investigations, scanning hundreds of machines simultaneously to zero in on the origin of the incident, diagnose and remediate quickly and accurately.

  • Incident Response Investigations: scan your network for signs of compromise, malicious code, rootkits, IRC bots and Trojans, while forensically preserving the evidence.
  • Malware Analysis (Behavioral and Code Analysis): detailed analysis of malicious files (hacker tools, viruses, Trojans) to determine their commands and capabilities, the scope of the attack and propagation, payloads, exploits, etc.
  • Remediation of Affected Machines: effectively remediate machines that may have been compromised, extending to registry keys, running processes and files..

We also offer packaged services to proactively scan your network for threats or policy violations.

  • Confidential Data Audit: scan your network to locate any personally identifiable information (PII) or confidential data leakage, then remediate, if you so choose .
  • Compromise Assessment: locate all executables on your network, identify both the known bad and unknown, then restore your network to the desired configuration.

 
Would you like more information about our services?
  E-mail us
or call us at
+1 626-229-9191 option 2
 
 

© 2002-2007 Guidance Software, Inc. All Rights Reserved.
Privacy Statement | Historical Information | Contact Us | Careers | Mailing List | Resellers