response services

incident handling

Incident Handling is the core service provided by NTTDATA-ES-CERT, in order to provide an effective response to information security threats making use of well-defined and structured processes. We provide full support and communication with the affected personnel during the whole process to ensure an efficient and adequate response. As a summary of the stages, our incident response service usually follows:

This service is usually provided from our CERT installations, but if the scenario requires it so, our team is ready and available to provide response services on-site on remote offices or even on client installations, as well as supporting the collaboration with other IT and incident recovery teams.

artifact handling

Artifacts can be defined as “digital fingerprints”, generated by users after using a software or operating system. The Handling of Artifacts is a key activity in any forensic investigation, ensuring in all stages their integrity and confidentiality.

The incident response team has established its own testing laboratory, including isolated sandboxing environments simulating common corporate systems and devices, to test newly discovered malware or suspicious files/documents and determine their nature.

These analysis result in the generation of reports containing in-depth details on the behavior and actions carried out on the system (file creation, accesses, modifications, downloads, connections established, etc.).

forensic investigation

Complementary to our Incident and Artifact Handling services, we provide a specialized forensic service on-demand to our organization and clients to manage investigations related to suspected criminal activities or misdoings. Forensic services include systems, RAM, network and data recovery. Includes (but not limited to):

malware analysis

Fast response service to detect and identify malicious code, malware infections and new threats, complementary to our core Incident and Artifact Handling processes. This service focuses on providing: