Forensic Analysis

Axxera is playing an ever-increasing role in the operational security business. In particular, the Security Operation Centers (SOCs) work with customers on a daily basis. The constant changes in the security field are one reason companies find it so difficult to adequately deal with security. These constant changes and unforeseen events make it absolutely necessary for Axxera to offer an Emergency Response Team (ERT).

The Axxera-ERT is an operational focus group responsible for proactively providing customers with information to better protect themselves, in the form of advisories detailing newly discovered vulnerabilities and observed attack trends. In addition, this team is capable of professionally handling a client system or network compromise. The four primary roles of Axxera-ERT are:

  • To respond to customer computer and network compromises
  • To publish critical vulnerabilities to managed and monitored customers; and, in certain cases, the community at large
  • To publish attack trends based on SOC data
  • To participate in incident response (IR) gatherings such as CERT/CC-sponsored events, FIRST conferences, etc.

Expert Response to Malicious Activity

A quick response contract or SOW is completed and Axxera dispatches expert forensic engineers to perform the following services:

  • Verify and validate that the system(s) have been compromised
  • Determine how the system(s) were compromised
  • Determine what changes have been made to the system(s), such as rootkits, etc.
  • Determine what data the intruder has collected and if the data has been retrieved by the intruder
  • Determine the source of the intrusion
  • Determine if the system(s) are being used in ongoing attacks against other networks
  • Assist the client in recovery and restoration of service in a secure mode
  • Preserve evidence to be used for prosecution, at the client’s option