When data breaches, system compromises or fraudulent activities are detected, an organization immediately carries out the series of activities defined in its incident response process. Digital forensics is one of the essential parts of that process: it allows the organization to gather evidence of compromise and gain a clear understanding of the chain of events that led to the malicious actions.
Seclab.id provides in-depth analysis of compromised systems to help organizations gather evidence and develop mechanisms to contain, eradicate and remediate the incident. During the analysis, we combine the results of our continuous research with MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) to fully understand how the compromise took place. This allows us to capture thorough evidence and provide detailed advice to the organization to improve its ability to detect and stop future breaches.