SISA – Forensic Readiness Audit

Reduce disruption to business operations at minimal cost.

What organizations are facing is not “If” but “when” a cyberattack will happen.

In the event of a breach, organizations need to ask themselves:
medium-shot-man-typing-laptop 1
  • How will we react and how quickly?
  • Were we aware of what, when, where and how to deal with the incident?
  • How soon will we communicate with internal and external stakeholders?
  • Are we able to quickly collect the data and log files from systems?
  • Do we have a team prepared and ready to respond effectively?
SISA_brandguidlines.png

Be prepared. Be organized. Be ready.

Use SISA’s Forensic Readiness Audit to regain control and contain the damage and costs from an incident.
Identify and prioritize critical assets that require protection and prioritize them according to their value and importance.
Review the security solutions deployed within the organization.
Review the log sources monitored by the organization.
Review the Incident Playbook for a comprehensive plan on use cases, incident response and forensic investigation procedures.

SISA’s unique approach helps organizations defend from a position of strength

01.

Assess the environment

Identify the applications, devices and security solutions deployed in the environment.

03.

Review use cases defined for log sources

  • Confirm the log sources captured and run the default set of investigations.
  • Verify the configuration of default use cases required for each log.
  • Ensure a Playbook with defined steps for each use case.

02.

Review the log sources

Review the log types within the log sources that are essential for effective monitoring.

04.

Review of Incident Response activity

  • Confirm the IR activities and assess the process of initiating them.
  • Review the process of identifying IOCs, live hunting methods and assess steps to contain the incident.

01.

Assess the environment

Identify the applications, devices and security solutions deployed in the environment.

02.

Review the log sources

Review the log types within the log sources that are essential for effective monitoring.

03.

Review use cases defined for log sources

  • Confirm the log sources captured and run the default set of investigations.
  • Verify the configuration of default use cases required for each log.
  • Ensure a Playbook with defined steps for each use case.

04.

Review of Incident Response activity

  • Confirm the IR activities and assess the process of initiating them.
  • Review the process of identifying IOCs, live hunting methods and assess steps to contain the incident.

05.

Forensic Analysis

Verify the process followed for forensic investigation and memory forensics.

05.

Forensic Analysis

Verify the process followed for forensic investigation and memory forensics.

SISA’s Latest
close slider