CyberScout

Incident assessment and analysis deliver critical insight

When a cybersecurity incident happens, you need to know the details around everything that occurred. Cyberscout’s advanced Forensic Investigation Services empower businesses to quickly understand the incident with quick and in-depth analysis.

RALF: Forensic Investigation Services with the latest capabilities

Cyberscout deploys enhanced tools and techniques to provide deep analysis and assessment of security incidents. Most of our forensic investigation services are conducted using our proprietary Remote Access Lab Forensics (RALF) device. RALF delivers big benefits to our investigative team as well as our clients. This device is housed in a small computer, which we place onsite with the affected client. The use of RALF allows us to deliver easy and immediate support at your location. It also:

  • Offers more robust security over other methods
  • Enables enhanced remote investigations
  • Makes it possible for data to remain local (tweaked)
  • Is third-party validated secure
  • Is easy for non-technical staff to use

System Compromise Response

This service offers an elevated understanding of your security incident. It includes exfiltration analysis, determining the manner of compromise, actions taken by the threat actor and whether the threat actor is still within your environment.

As part of our system compromise response support, Cyberscout provides:

  • Background details of the event
  • Executive summary of findings from the analysis
  • Evidence that determines whether data exfiltration occurred
  • Evidence showing the manner of compromise and actions taken by the attacker

Ransomware Recovery

We know that a ransomware attack can cause tremendous disruption to your business operations. Our recovery service includes rapid support to help with data recovery and ransom payments, depending on the nature of the incident and your organization’s response strategy.

Cyberscout will:

  • Gather facts and explain the risks associated with paying the ransom
  • Communicate or negotiate with the threat actor
  • Obtain proof of decryption
  • Facilitate the use of an anti-money laundering check
  • Make payment from a Bitcoin wallet
  • Provide the decryption key to affected client
  • Support our client through the entire decryption process

Business Email Compromise

Our business email compromise service includes exfiltration analysis, the manner of compromise, actions taken by the threat actor and whether the threat actor is still present in your environment.

Cyberscout provides clients with valuable information:

  • Background details of the event
  • Executive summary of findings from the analysis
  • Evidence that determines whether data exfiltration occurred
  • Evidence showing the manner of compromise and actions taken by the attacker

Data Mining

Cyberscout empowers clients impacted by a security incident to gain visibility into their event at a granular level.

As part of this service, clients receive a report containing:

  • A background summary of the event
  • The search parameters used
  • A results summary including the number of each type of sensitive information that was found

Clients also receive:

  • Raw results, sent separately to the client over a secure transfer method that contains where information was found
  • The option for a full review of the raw data and results, in a notification-ready, well-organized document, clearly showing impacted individuals and their exposed data