Digital forensics & Malware analysis

As an addition to our 24/7 Incident Response services, we also offer ad-hoc investigation support. Depending on your own maturity, we can either perform full investigations or we can provide you with just that little extra support you need. This can include the analysis of a forensic artifact (memory, disk, network, ...) or the reversing of a malware sample. It's your call: our experts are ready at your service!

Respond
Respond

Your Challenge

You have a team of security analysts that can do security monitoring and additional analysis of incidents. Given your business however, you're not looking to in-source highly expert capabilities, such as host forensics (disk & memory), mobile forensics, network forensics, or even malware analysis. You are looking for a partner that can supplement your own capabilities!

Digital forensics & Malware analysis

Our CSIRT (Cyber Security Incident Response Team) is ready at your service and offers digital forensics & malware analysis support. Amongst others, our team can deliver the following services:

  • Host-based forensics (disk, memory, ...);
  • Network forensics (PCAP, NetFlow, ...);
  • Mobile forensics (mobile malware, ...);
  • Reverse engineering of malware samples.

Some examples of projects we've worked on previously:

  • File recovery as a result of ransomware;
  • Reverse engineering of targeted malware samples;
  • Host forensics to understand whether or not fraud had taken place;
  • ...

As a testimony of our expertise, our people have obtained the following certifications:

  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Network Forensic Analyst (GNFA)
  • GIAC Reverse Engineering Malware (GREM)

Furthermore, we run a wide variety of honeypots & sandboxes (e.g. https://apkscan.nviso.be) and we share our knowledge with the community by teaching for SANS, speaking at conferences, and maintaing our blog (https://blog.nviso.be)!

Why NVISO ?

  • Our CSIRT delivers services to some of the most critical organizations in Belgium. Furthermore, we have international experience, having responded to several incidents abroad (including other countries in Europe and the Middle East);
  • Our CSIRT is a trusted European team, all possessing a security clearance "Secret" (Belgian, NATO & EU);
  • Our CSIRT is a team of world-class experts that regularly shares their knowledge while teaching for SANS or speaking at conferences. Furthermore, our experts have obtained most of the well-known certifications in the industry: GCFA, GCFE, GNFA, GCIA, GCIH, GREM, ...
  • Our CSIRT has experience with a variety of incidents, ranging from ransomware infections to large-scale APT investigations;
  • Our CSIRT is available 24/7 through a dedicated hotline.
Get support
NVISO
NVISO
NVISO
Sinter-Goedelevoorplein 5
Parvis Sainte-Gudule 5
1000 Brussels