Computer Forensics

Iphone

Computer Forensics is a combination of technology and skill. It is the ability of a computer forensic examiner to look at logical and physical disks as well as individual files, folders and registry entries to create a time-line of what the computer was used for today, yesterday, last week, last month or even last year.

The examiner can determine what data was moved, deleted, or hidden while adhering to strict guidelines of preservation so as to avoid spoliation and maintain the chain of custody. Utilizing industry standard tools and proven techniques; all possible data on a system can be analyzed. For example e-mails, images, deleted files and other information that is deemed relevant to an investigation can be reviewed.

The Examination process

Always the most important part of any project is to gain a clear understanding of what the case or engagement will involve. This is the point in the process where you target the sources of evidence in order to apply the proper computer forensic procedures.
Includes forensic disk imaging to gathering information from network servers in a manner that ensures the proper chain of custody.
This phase includes the preparation, indexing, cataloging, performing key word searches, data mining etc.
Once the examination is complete, presenting the material in an easy to read understandable report is essential. It must be both complete and defendable.

 

Services Include

  • Examine logical and physical disks as well as individual files and folders with FAT12, FAT16, FAT 32, NTFS (including partition free space and file slack), ExtX, and HFS+ file systems
  • Retrieve e-mail correspondence
  • Keyword/Phrase Searching
  • Access active and deleted data files or file fragments
  • Discover graphic images
  • Access Chat databases
  • Identify Internet usage
  • Recover data appearing lost due to hardware or software malfunction or destruction
  • Access password protected files or encrypted files