Incident investigation

Shtein Solutions provides services to assist in the investigation of cyber incidents, with the advantage of an eye that can reveal attack patterns and draw conclusions about the severity of the incident and what data was stolen.

Investigations of cyber incidents are based largely on the processing of logs - event logs. Therefore, every organization must have the infrastructure to store these logs on a separate server (SIEM), as well as the correct event detection configuration. Otherwise, in the absence of a centralized logging system, the investigation will be carried out on individual servers and stations affected by the incident. In this case, the investigation may take longer.

Continuous collaboration with technical experts in information security and the technical infrastructure department can help in quickly identifying attack vectors, as well as in quickly and correctly resolving the threat. On our part, it is important to remind you that it is advisable to be prepared in advance for information security incidents, and for this, the organization needs to carry out preparatory work, which in the future will pay off in the speed and efficiency of the response.

The result of the work will be a report containing:

  • Investigation methodology.
  • Conclusions for management containing an overall assessment of the level of security.
  • Possible attack vectors.
  • Description of identified deficiencies.
  • Recommendations for eliminating identified vulnerabilities.
  • Documentation and conclusions of log analysis.

As part of the incident investigation service, you will receive a list of general recommendations to reduce risks.

Protect your business - We are ready to help

Contact Us

Our Services

Our company provides the following services:

Consulting and support

Primary technological and basic checks in the field of information security. Inspection of the network architecture, security systems, access rights. Construction of a risk map.

More Details

Penetration Tests

This test identifies existing vulnerabilities in the infrastructure in order to formulate recommendations for their elimination.
 

More Details

Phishing Security Test

Testing using social engineering methods. The purpose of the test is to identify the staff’s level cyber security threat awareness.
 

More Details

Cyber training and practice

Lectures and trainings on staff awareness of information security threats, as well as trainings on secure development for programmers.
 

More Details

Information Security Audit

Checking the security of the company according to the protocol. The purpose of the audit is to show in which areas of information security there are shortcomings and how to correct them.

More Details

Incident Investigation

When a cyber incident occurs, it is important to understand exactly what happened and how, and to address the causes and gaps in the firm's information security.

More Details

About us in numbers

Since 2010, we have done a lot of work. This includes penetration tests and security audits, risk management, incident investigations, as well as consultations and solution design.

0

Years of experience

> 0

Projects completed

0

Happy Clients

0

Cups of Coffee