Deep analysis of forensic threat data is transformed in real time into an intuitive visualisation, the attack storyline. The attack storyline depicts the threat execution flow in high resolution, from inception through to Kill, Quarantine and full Remediation. Our team can view a specific process on the attack storyline and drill down into the individual network, file, process, or data actions that occurred. This information allows our team to take decisive action towards securing your network.
If escalation is needed, we will provide an outline of the attack details. This will often include attack statistics, file information, path, machine name, IP and domain, along with information about where else on the network the attack has been seen, what we’ve done to isolate or eliminate the threat, and what your team’s next step should be, if any.
In addition, we can provide cloud reputation, certificate information (whether or not the file is signed), and advanced attack details (such as a list of known packers that may have been used). Lastly, we will provide a forensic-grade incident report directly to your IT department, which is especially helpful in compliance-driven environments.