
Intrusion Analysis
Do you analyze traffic and system integrity, or know how to?

What is an intrusion?
Your systems and data matter to you, whether you are a student storing term papers, a home user shopping online, or a business owner keeping customer records.  An intrusion is any unauthorized, anomalous, or malicious activity that can alter, destroy, steal, or infect your systems and data.

Who or what causes intrusions?
Most people assume 14-year-old hackers are responsible for the majority of intrusions.  That does happen, but insiders (people who work with you or use your systems) account for a large share of intrusions.  Beyond that, simply visiting a particular web page, opening an attachment, downloading free software, or forwarding chain mail can all lead to information compromise.

How can you identify or prevent an intrusion?
Can you say with confidence what your systems are doing, or what traffic crosses your network?  We at (re)surge provide an overall site analysis and profile of your systems and the networks that support them.  We benchmark and baseline host and network activity so that suspicious activity stands out readily and can be called with confidence.  We fully analyze the system, memory, process, and network state of your environment, and we have the knowledge to inspect, dissect, or reverse-engineer protocols, file systems, binaries, memory layouts, network stacks, process maps and calls, and a gamut of other elements.  Our goal is a complete layered-defense strategy, including intrusion analysis and prevention techniques, that establishes the integrity of your perimeters, hosts, and networks.

Why do intrusions happen?
Motives include fun, education, profit, prestige, identity theft, and revenge.  None of them is comforting, and none justifies the loss of your systems and data.  At (re)surge we provide content, application, and protocol analysis to ensure proper transfers, data inspection, and private communications.  We take leading-edge steps to review, monitor, and inspect your information for behavioral and anomalous activity.  Our techniques intelligently analyze and baseline your network application activity, making suspicious traffic originating from or destined to your networks easier to identify.




Intrusion Analysis

[in-troo-zhuhn uh-nal-uh-sis]

The act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource.

Methods of analysis:
  • Identify countermeasures and defenses, including intrusion prevention systems, perimeter devices, and OS security controls for applications, Internet servers, wireless, and VPNs.
  • Get (re)surge'd: an in-house or in-business security audit and assessment of how well your data is secured, covering logging, encryption, rule-sets, services, and hardening reviews.
  • Baseline your systems and data by thoroughly analyzing your platforms for identity fraud, malware, user and network security weaknesses, data theft, and security-policy gaps.
  • We provide live-response investigations, memory mapping and dumping to find hidden processes and covert channels, system and network state analysis, and file and process-call integrity checks.  From 'start' to 'smart' is how we look at things.
  • We can set up a hardware "cage" to isolate, capture, monitor, and prevent further compromise during an incident.
  • We can emulate your conditions, systems, and environment to better identify the cause of an incident and the damage it may have done.  By generating cloned data and importing it into virtual environments, we accurately (re)create the system state at the time of the incident.  This lets us fully analyze an offline copy of your systems, and even interact with it, for a thorough and detailed analysis of a compromise.
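The baselining described in "How can you identify or prevent an intrusion?" and the hidden-process hunting in the live-response bullet above come down to two comparisons: diff the current host and network state against a known-good baseline, and cross-check one view of the process table against an independent one.  The following is an added example, not (re)surge's tooling and not code from this page.  The snapshots it works on are constructed for illustration; the field names (`procs`, `listeners`, `probed_pids`) are this example's own choices, not a format the page defines.

```python
"""Baseline/diff of host and network state plus a cross-view check for
hidden processes.  Added example; all snapshot data below is constructed."""
import os
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    exe: str  # resolved path of the running executable


@dataclass
class Snapshot:
    procs: Dict[int, Proc]                          # from the process listing
    listeners: Set[Tuple[str, int, str]]            # (proto, port, exe)
    probed_pids: Set[int] = field(default_factory=set)  # pids found by an independent probe


def diff_snapshots(base: Snapshot, cur: Snapshot) -> List[str]:
    """Report everything in `cur` that the baseline does not account for."""
    findings: List[str] = []
    base_paths = {p.exe for p in base.procs.values()}
    base_by_name = {os.path.basename(p.exe): p.exe for p in base.procs.values()}

    for p in sorted(cur.procs.values(), key=lambda x: x.pid):
        if p.exe in base_paths:
            continue  # same binary, same location as in the baseline
        name = os.path.basename(p.exe)
        if name in base_by_name:
            # familiar name, unfamiliar path: classic masquerading (sshd in /tmp)
            findings.append(f"pid {p.pid}: {name} now runs from {p.exe} "
                            f"(baseline {base_by_name[name]})")
        else:
            findings.append(f"pid {p.pid}: executable not in baseline: {p.exe}")

    for proto, port, exe in sorted(cur.listeners - base.listeners):
        findings.append(f"new listener {proto}/{port} opened by {exe}")
    for proto, port, exe in sorted(base.listeners - cur.listeners):
        findings.append(f"baseline listener {proto}/{port} ({exe}) is gone")
    return findings


def find_hidden_pids(snap: Snapshot) -> Set[int]:
    """Pids that an independent probe finds but the process listing omits.
    A rootkit that filters the listing cannot also hide from a per-pid probe."""
    return snap.probed_pids - set(snap.procs)


def baseline_snapshot() -> Snapshot:
    # constructed known-good state of a small server
    procs = [Proc(1, 0, "/sbin/init"), Proc(412, 1, "/usr/sbin/sshd"),
             Proc(530, 1, "/usr/sbin/cron")]
    return Snapshot(procs={p.pid: p for p in procs},
                    listeners={("tcp", 22, "/usr/sbin/sshd")},
                    probed_pids={1, 412, 530})


def current_snapshot() -> Snapshot:
    # constructed post-compromise state: a fake sshd dropped in /tmp by cron,
    # a netcat listener, and pid 2250 visible to the probe but not the listing
    procs = [Proc(1, 0, "/sbin/init"), Proc(412, 1, "/usr/sbin/sshd"),
             Proc(530, 1, "/usr/sbin/cron"), Proc(2210, 530, "/tmp/.x/sshd"),
             Proc(2211, 2210, "/usr/bin/nc")]
    return Snapshot(procs={p.pid: p for p in procs},
                    listeners={("tcp", 22, "/usr/sbin/sshd"),
                               ("tcp", 4444, "/usr/bin/nc")},
                    probed_pids={1, 412, 530, 2210, 2211, 2250})


if __name__ == "__main__":
    for line in diff_snapshots(baseline_snapshot(), current_snapshot()):
        print("FINDING:", line)
    print("hidden pids:", sorted(find_hidden_pids(current_snapshot())))
```

On a real Linux host the `procs` view would come from reading `/proc/<pid>/exe` links, `listeners` from `ss -ltnp`, and `probed_pids` from calling `os.kill(pid, 0)` for every pid up to `pid_max` and treating both success and `PermissionError` as "exists" (only `ProcessLookupError` means absent).  The point of the second view is that it does not depend on the same kernel path a rootkit would hook to filter the listing.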


Anatomy of an Intrusion

Intrusions can happen simply by surfing the web, reading email, inserting a CD/DVD, opening documents, querying a database, or downloading software, or through the actions of malicious users.