FAQ

What is computer forensics?

Computer forensics is the collection and analysis of digital evidence. In most cases it is used for crime analysis: evidence is collected from the scene and from all computer components, including hard disks, USB drives and CDs, and a memory dump of the computer is taken. This extracts not only the data saved on the computer's hard drives but also important data that was kept only in the computer's memory.

Why is there a need to do memory dump analysis?

Memory dump analysis is done in order to extract data that is hidden from a regular user and cannot be found on the hard drive. Any action we perform on the computer is saved in memory. These days the most sophisticated attacks are called APTs, Advanced Persistent Threats. Modern malware and Trojans usually use Windows processes which are hidden from the user and can be detected only by taking a memory dump sample from the computer. In addition, in some situations users perform actions such as deleting documents or evidence from the computer, and by using memory dump analysis and computer forensics techniques it is possible to detect this evidence even though the user may think he destroyed all of it.

An average attacker can reside in the organization for about 8 months on average without the user noticing. Sometimes a security defense system may detect a clue, but in most cases it is very difficult to tell whether the host is completely clean or infected. In many cases the customer decides, based on AV scanning, that the host is clean. This diagnosis may be misleading and destructive: if a host is determined to be clean when it is not, the attacker will continue to reside inside the organization, will gain valuable time to target the organization's strategic assets, and will launch his attacks from the infected host. Time is critical: you need to determine quickly whether the host is infected and with what. The Forensics Express team can help you with that, because we use memory dump analysis, and only by using memory dump analysis can you determine for sure whether a host is infected.

What is the difference between Computer Forensics Express and other forensics providers?

Most forensics providers focus on crime analysis and Cyber analysis and provide evidence to federal and government institutions or to large organizations that have been attacked by hackers. Forensics Express was not established to provide such answers for crime analysis or to detect the exact attacker details, though in some cases it can provide hints and leads. Forensics Express was established to allow you to verify that your computer is clean of Trojans, malware and software which you are not aware of. It allows you as a parent to know much more about your child’s actions on the computer in order to protect him in the dangerous internet world. It allows you as a small or medium business that has suffered a Cyber-attack to save money and try to get a picture of what’s going on with the computers that were breached on the network. If you use regular forensics based on a time and material service, you will find yourself spending a huge amount of money, and in most cases you will still have uncertainty and open questions. Cyber forensics teams will arrive at your site, they will start correlating logs and build a picture of the timeline and nature of the attack, and you will have to pay lots of money.

In some cases, you don’t really need such a service: your security products have already detected suspect computers on your network and now you just need to focus on these computers.

In some cases, security officers are requested to provide answers and reports regarding specific computers only.

In some cases, you would like to ensure that all your executive management team and senior management level are working on clean computers without Trojans.

This is where Forensics Express comes into the picture: use our service and get your forensics reports now.

Why is computer forensics so expensive compared to the Forensics Express service?

Computer forensics in general is a very complicated technique, which requires a lot of time and involves extracting information from the memory of your computer. This requires special skills and experience, and there are not many people who can do it. The price of such a service is usually estimated at hundreds of $ per hour, so in some circumstances you may find yourself spending much more money than you planned in the first place or than you really needed.

Forensics Express is much cheaper because it allows you to select a specific package of what you really need, and it consists of only a few selected options that are customized for you.

What Forensics Express packages do you offer?

Congratulations! You are one step away from getting your computer forensics report.

Select your package here and we will get back to you as soon as we can with your forensics report.

You can read more about the Forensics Express process here.

I like your service, it sounds like exactly what I need. What is the process to start?

Thank you, we appreciate it very much and look forward to serving you the best we can.

We also promise to send you a 1st free memory dump analysis as soon as we can.

You can read more here about the steps you should follow using the Forensics Express process.

What operating systems do you support?

At this point we support all Windows operating systems; we do not support Mac, Linux or mobile devices.

 

What is the max amount of RAM which you support?

Currently we support analysis of up to 8 GB of RAM.

If you would like to send us a memory dump that exceeds 8 GB of RAM for analysis, contact Forensics Express support and ask about our plan for memory dump analysis of computers that exceed 8 GB of RAM.

What are the payment terms? Is payment secured?

Forensics Express accepts any payment methods here.

Examples: when would you need our service?
  1. You received a report from a security defense system that 1 or 2 hosts are suspected of being infected, but you cannot tell with 100% certainty and you need someone to quickly confirm or refute it before it is too late. Don’t lose time! Scanning the host does not mean it is not infected; you need to have it deeply analyzed via memory dump analysis in order to make sure. If you mistakenly determine that the host is clean when it is not, you may find yourself added to the statistics of Cyber victims.
  2. You are tired of paying so much money to Cyber security consultants and Cyber security companies that bring no real value and charge a high amount per hour.
  3. Your computer has been breached and you have cleaned it, but you would like to make sure it is clean now.
  4. You would like to get a quick memory dump analysis of selected items which were found on a specific computer and get a simple report on that.
  5. You are a security officer and need to provide some answers to your management on a breach and some suspicious hosts, and verify that the hosts are clean.
  6. You are a worried parent and would like to learn more about your child’s actions or find evidence about your child in the memory of the computer.
  7. You are the CISO of your organization and you would like to ensure that no Trojan or malicious software is currently installed on the computers of your management team or on specific sensitive hosts in your organization.