Computer Incident Response is critical in the computer forensics process. We help to train the Incident Response Team members within your IT security team, on the professional procedures to be followed in timely handling of digital evidence.
The standard methodology includes procedures for securing a suspected computer incident scene (shutting down the computer, labeling the evidence, providing chain of custody documentation, documenting the evidence and transporting the evidence for forensic investigation). Training is provided for incidence response on evidence handling, authentication, siezure and storage of both data-at-rest and data-in-motion.
The quality of incident response impacts greatly on the integrity of the evidence used in computer forensics. For instance, if the chain of custody is broken due to poor incident response procedures, the eventual result of computer forensics may fail in court or tribunal.
A professional incidence response team is very critical in IT security.