Recent research has shown that organizations typically take upwards of 200 days to realize that they have been victims of an advanced attack. How then does an organization obtain assurance that its security controls have not been breached? To assist with this goal we offer Compromise Assessment as a service focused on capturing, analysis and detecting suspicious traffic, malicious activities, compromised systems, and the possible presence of an attacker or backdoor within the corporate network.
- Analysis of network, endpoint, and log data
- Identification of compromised systems
- Anaylsis of attacker activity
- Report of findings
NII has done extensive projects in digital forensics and has a dedicated team for carrying out these various activities. We have co-operated with law enforcement authorities in helping them getting leads in the forensics investigations and also played a vital part in internal corporate investigations for many of our clients. Our work ethics and quality deliverables have won accolades from many of our clients and their testimonials are strongest testimony to our professional and quality work deliverables. A representative list of some of the projects we have done are:
- Analysis of dozens of hard drives and correlating them with financial documents to build a water-tight case of tax evasion, FEMA violations, disproportionate assets, etc. against the accused who was arrested on other grave charges. The evidence and reports provided by us enabled regulatory agencies to pursue multiple independent cases against the accused and law enforcement was able to file a 5000-page charge-sheet
- Analysis of server logs to determine a breach in one of the country’s main telecom firms done by Pakistani hackers prior to Independence day. Complete details of the steps taken by the hacker and the malware uploaded onto the servers was provided along with detailed recommendations on how to ensure such an event doesn’t occur in the future
- Disk-based analysis to retrieve deleted files, email correspondence and Internet browsing history of the suspect and determine the exact nature of the financial fraud as well as determine the list of accomplices.
- Analysis of smartphones and tablets to retrieve BB Messenger, WhatsApp, and SMS communication
- Empaneled by a multi-national bank for all forensic cases in the Asia-Pacific region
Our expertise in this area stems from our close association with one of the country's leading fraud experts - Mr. Chetan Dalal a Chartered Accountant, Certified Fraud Examiner, Certified Information & Systems Auditor & Certified Internal Auditor. Mr. Dalal has vast experience in Fraud Detection, Forensic Accounting & Anti-Fraud Controls Implementation. We have carried out numerous assignments jointly combining the expertise of financial fraud investigation with digital forensics to recover trails that have been attempted to be wiped out by the perpetrators of the fraud. Previous assignments have covered financial institutions, automobile companies, telecom companies, engineering and pharmaceutical companies.
With our SOC team's experience of taking down hundreds of websites in the past, our takedown service is a well-oiled machine that is geared to respond to your alert at any point of time during the night or day. We possess the following skills that help us protect your customers effectively and immediately.
- Quickly identify the website owner and the hosting provider
- Contact the owners and co-ordinate takedown action
- Use our network of worldwide partners to overcome language and geographical barriers
- Use our extensive database of hundreds of hosting provider contacts to quickly pinpoint the right person to contact, rather than sending mails to abuse and webmaster email IDs
- Guarantee an SLA of 12 hours for the site to be taken down
- Leverage our relationships with anti-phishing groups and worldwide CERTs to bring additional influence and ensure effective take down.