We offer expert services in computer forensics, especially as it relates to cybersecurity, that is, DFIR (Digital Forensics and Incident Response). We hold the status of IT Expert Witness in Poland and have taken part in securing evidence at crime scenes. We use highly specialized equipment and commercial tools to perform our forensic analysis.
Incident response (CERT, CSIRT)
REDTEAM.PL CERT is a recognized incident response team and a member of Trusted Introducer, the largest organization that brings CERT teams together. As a CERT (Computer Emergency Response Team), also known as a CSIRT (Computer Security Incident Response Team), we are able to help in situations where a security incident has already taken place. We will advise on how to approach the problem and obtain the expected results, and we will perform a reliable analysis of the event. Our team delivers a comprehensive service, from properly securing the data, through analysis, to delivering the final report with the findings. To help customers secure the data properly on their own, we offer know-how on how to do it for Windows and Linux systems.
We analyze IT systems after they have been breached (hacked). We help secure the evidence and determine how the attack occurred and what operations the attackers performed.
Secure data erasing
If a customer wants to securely remove sensitive data from an undamaged hard disk, we are able to help. This service may be used in cases such as old storage being decommissioned and later put up for sale, or before returning rented equipment. After the process, no one will be able to recover data from the disk, even with the help of digital forensics tools.
Log, disk, RAM and network analysis
We perform all sorts of analysis on hard disks, logs (e.g. Windows events), RAM dumps and network traffic.
We help customers detect acts of corporate espionage where there is suspicion that competitors or rogue employees are trying to obtain company secrets.
“Practical computer forensics analysis”
Adam Ziaja, one of our company's founders, is the author of the first Polish technical book describing Digital Forensics and Incident Response (DFIR), titled “Practical computer forensics analysis” (ISBN 9788301193478), which was released in mid-2017 by Polish Scientific Publishers PWN. The book covers topics such as securing digital evidence, hacker attack analysis, and backdoor and rootkit detection.
We perform malware analysis; our analysts use both behavioral and static analysis approaches. We are also able to analyze disks for the presence of malware and identify it.