Forensic Readiness Review

Are your security logs adequate for analysing a security breach? Our service ensures you are prepared for the worst.

Service Overview: 

After a security breach logs are gathered to understand what has happened and also as evidence to prosecute the attackers.  All too often the logs gathered by default are inadequate, lacking in detail, or missing altogether. Our service ensures that you are prepared for the worst.

Our Forensic Readiness Review ensures that an organisation is collecting sufficient logs and storing them in a forensically sound manner in order to facilitate a thorough investigation of an incident and if necessary prosecute the attackers in a court of law.

By default, most organisations do collect some logs from their network devices and various operating systems, however, most don't manage them or consider the "audit policy" which defines which events are recorded.

Service Details: 

When we audit a firewall we not only look at whether they are up to date but also review all of the rules to ensure each rule is adequately granular and that the source and destinations are still appropriate, finishing off by checking for an explicit deny.

We also check the architecture for correct placement and to ensure there aren't any potential bypasses.  The configuration for each firewall is checked to ensure that licensed functionality is turned on and configured correctly. 

Rest assured that we won't make any changes to the firewalls during the audit. Instead, a report will be produced with observations made and recommendations to remediate the issues found.

If the remediation is beyond the capability of your staff we can be engaged to work with you to implement any agreed changes.

Want to book a service?
See a job opening you like?
Want something bespoke?

© Computer Network Defence Limited 2019