FORENSIC INFORMATION


  Surveys on Computer Security Requirements
Indagini dati informatici Ravenna

This task is to identify all situations where minimal security requirements are missing. In a complex computing structure, it is not always so obvious what are the security holes that are often confused between the structural solutions, the management and the use made of computer tools. The computer security audit can be done in compliance with international regulations and therefore confer on the company an organisational plus that has the same value as all other quality certifications.

During this type of activity, all regulatory requirements that have recently imposed obligations in the management of company information systems have been taken into account, with the aim of producing a written project containing a description of the methods used, a list of identified criticalities, proposals for solutions and costs for resolution.

Our technical staff also has the cultural and experiential luggage necessary to coordinate all the activities needed and implement the proposed solutions, activities that can be carried out both in the first person and involving other qualified personnel in each case.

FORENSICS


  Analysis and reconstruction of crime scenes
Indagini informatica forense Ravenna
  • Judicial Appellation
  • DNA analysis
  • Paternity test
  • Toxicological analysis of hair
  • Toxicological analysis and anti-doping advice
  • Dystyloscopic analysis
  • Explosive and flammable analysis
  • Graphic and calligraphic expertise
  • ballistics
  • Psychological counselling in the civil field
  • Criminological consultations in criminal matters
  • Psychological autopsy
  • Psychological and geographical profile
  • Judicial autopsy
  • Speaker acknowledgment
  • Tafonomic analysis
  • Phonics and expert inquiries
  • Reconstruction of Environment, Crime Scenes, 3D Graphic Modeling Files

FORENSIC INFORMATION SERVICES


  Detailed listings of DIAG data survey activities

In particular, DIAG INVESTIGATIONS deals with:

  • Content Analysis: Digital Content Analysis consists in the acquisition, analysis, and reordering of information originally contained in electronic media. Content analysis involves much more than mere acquisition or recovery of computer data. In particular, it is subordinate to knowledge of all the aspects related to the flow that these data make while being used by users and therefore has a specific competence to acquire the status of fact at a certain and a certain moment, extract and preserve the content information. This aspect also requires knowledge of the case and must therefore be carried out a non-technical analysis.

  • Detecting Details: When the amount of data to be analyzed is very large (for example, the entire file archive of a medium-large company), it is necessary to prepare a preliminary filtering to locate the data you are looking for. Only by means of special correlation techniques can you find small things in a large archive. The expertise of our technicians enables us to identify and plan all the search filters needed to find contextual information for the cases studied. Specifically, it is possible to rearrange the content in an orderly manner starting from the file type until you find the individual content or recurrence of the content. The shifting can be done on a timely and one-off basis on an archive or in real time (see also Proactive Analysis).

  • Re-elaboration of content: even at best, the amount of data on an electronic computer is such that it requires that the information information, once acquired, is in some way made directly accessible. For these reasons, our team of technicians can re-elaborate the content and prepare digital dossiers for the analyzes made, references to the original positions of the data and the acquired non-destructive copies that constitute legal evidence.

  • Non destructive acquisition: it is the basic element of any legal process or legal expertise. Mass storage units thus sequestered by law enforcement officers are cloned with non-destructive processes (which do not alter the original). In this way, without physical failure of the devices, you can conduct all the necessary analyzes and replicate them at any time by reproducing the entire technical iter. Outside the court, through non-destructive acquisition, it is also possible to make a discrete analysis of possible abuses through computer tools and allow legitimate owners to protect their interests against any offenses committed by third parties without them being suspicious. This maneuver is in fact completely transparent to the user who has no way of perceiving that it has been accomplished. This process can be done on all types of mass memory, from small solid state cards that are inside cell phones and cameras to the most powerful hard drives of modern computers.

  • Data Recovery: Recovering deleted data is one of the forensic basics of computing. The purpose of the trial is to identify additional evidence, but it can be a valid tool to assist disaster recovery where precautionary measures have failed and produce very valuable data loss. Particularly important are the ability to retrieve deleted e-mails, deleted or corrupted files, internet browsing logs, and other elements that can link the time, place, and content of the actions that you make.

  • Data Analysis: For data analysis, all preliminary procedures are designed to identify whether there is significant flow of information within a complex computing structure for ongoing investigations. This type of activity is preliminary to many of the activities already described and serves to enable technicians to plan how to act and what to acquire. In particular, the analysis of the data includes the acquisition of network traffic (sniffing), the determination of the technical information about the devices on which to conduct non-destructive acquisitions, the possible possibility of sifting and / or recovering lost information Or hidden.

  • Proactive analysis: proactive analysis is necessary when the survey activities produce or may accidentally produce an escalation of the same investigated phenomenon. If, for example, the survey activities are particularly visible there is the possibility that the individuals involved try to eliminate the evidence. Through real-time correlation mechanisms, you can get alarm messages and compile registers and interpolations that lead to specific activities and related authors.

Computer Security Audit

Share by: