Live Response

Computer crimes have serious implications. Be it internal theft of confidential data or computer equipment, hacking of the network by external attackers or users misusing computing infrastructure. An incident can be defined as an event that causes a loss to the security of your information. This should be followed by a systematic forensics exercise of the systems involved in the incident. NII's extensive experience in forensics exercises carried out for large and small enterprises ensures a high rate of success.

Digital Forensics

Our digital forensics team is well-equipped with knowledge of forensics investigation, analysis, and interpretation. Right from gathering the evidence to articulating and reporting the security incident, they are adept at all.

We also have a digital forensic laboratory setup, well-equipped with the most efficient and diverse tools. Just some of the tools available in our labs include Encase Forensic Edition, Tableau Write Blocker, Helix, Autopsy, TCT, and other niche and advanced tools.

Anti-Phishing & Site Takedown

Phishing has become a common and high-risk problem for banks and lots of financial institutions. With our partnership with some of the world's leading security companies, we notify a client of a possible phishing attack and then co-ordinate a takedown of the phishing site. Our SLAs guarantee a site take down within 24 hours, thus allowing you to breathe easy knowing that your clients will not be vulnerable to divulging their secrets online. The entire exercise is legitimate service, which focuses on quick co-ordination between the webmaster, the hosting provider, the ISP, the country's CERT (if one is available), and requires the skilled usage of negotiation and language to convince the owners to take down the offending website. We often work with the phished website to investigate the cause and the source of the phisher.

Incident Response

A security incident has the ability to stall business and mar the reputation of the victimized organization. Prompt and appropriate response to an incident helps

  • limit the spread of incident
  • understand the nature of the incident
  • avoid the intruder/attacker from alerting
  • gather first-hand evidence
  • strategize successive steps to be taken

NII's Incident Response team tries to bring an incident under control within the shortest possible time and strives to trace and evict the culprit without hampering routine activities.

At NII, we use the latest tools and techniques for evidence collection in accordance with international standards such that the client can use the evidence in a court of law, if desired. Our Forensics lab includes hardware write blockers, Encase Forensics Edition, file recovery tools, secured archival of digital artifacts, and fast keyword search utilities. NII's forensics experts have extensive experience in a diverse set of situations and incidents.

The key steps in our incident response and forensics strategy are:

  1. Pre-incident preparation - determine type and extent of incident as much as possible
  2. Initial response
  3. Onsite strategy formulation
  4. Forensic duplication (imaging)
  5. Forensic analysis
  6. Recovery (restoration of the affected system)
  7. Articulation (reporting)
  8. Archival

Intrusion Analysis

We offer Intrusion Analysis services where we implement proactive incident response. Such a service can be implemented successfully with the knowledge of past incidents.

This service includes log analysis - 24X7 and 11X7. We can provide both on-site and off-site services.

Financial Fraud Investigation

One of the most unsavory aspects of globalization and a growing economy is the aspect of white-collar crime. In every industry, and in every aspect of the business world, there is the potential for a financial fraud to be carried out. Whether it is the P2P (Procure-to-Pay) or the Expense Reimbursement or the Payroll System, every accounting process can have control weaknesses. An insider or even a knowledgeable outside with a strong enough motive and opportunity can attempt to defraud the company.