Incident Investigations

If you are a victim of a serious cybersecurity incident, it is essential not only to stop the attack and mitigate its consequences, but also to conduct an investigation in order to define threat actors and organizers of the attack. Moreover, it is necessary to collect all legally relevant digital evidence so that cybercriminals could be brought to justice.

What we do:

  • Look for traces of unauthorized access;
  • Define modus operandi of the attack;
  • Identify threat actors (if possible);
  • Determine circumstances of the incident and describe traces of criminal activity in provided materials (computer and network logs, memory dumps, etc.);
  • Prepare documents for law enforcement authorities concerning different types of incidents (DDoS-attack, ransomware attack, POS fraud, website hack, landline and mobile phone infection, malicious phishing mailings etc.).
  • Results

    You can neutralize cybercriminals that attacked your company and take measures to prevent such incidents in the future. In addition to that, you receive a set of documents for initiating investigation by law enforcement authorities if you decide to claim damages.


    Reasonable and appropriate measures are taken to ensure that your personal data is protected from unauthorized access or modification, unlawful destruction, and improper use. No information provided by you will be made available to third parties. Personal data will be held only for as long as is necessary for the purpose for which it is provided and, in any event, will only be kept for 24 months after any application you have made has been completed. By submitting your personal information, you consent to the use of your information as set out in this statement.