Erased Hard Drives – Servers – Desktops – Windows
Linux – Flash Drives – Cell Phones – PDAs – Tape Backups – Volatile Data
Network – Social Media – Deleted Files – Photographs – Mac OSX
We offer a variety of services from traditional off line evidence collection to the more modern volatile evidence collection. We can collect evidence from desktops, servers, PBX systems, cell phones, vendor solutions that integrate storage, even damaged hard drives and other media. Once the evidence has been collected our analysis will reveal all the relevant ESI even if it has been renamed, deleted or formatted. Our facilities allow us to collect and and store large amounts of potential evidence quickly so we can start answering questions about when and who.
We also provide expert testimony and advice on how to move forward with digital evidence. If you or your company is facing possible litigation it is important that you take steps now to preserve any potential evidence. We can give you advice on how to secure your ESI and how to prepare for litigation. We use state of the art technologies to build coherent time lines, interaction charts and entity relationships and provide a client with extremely detailed, easy to understand reports that makes understanding relevant relationships and the chain of events crystal clear.
We use a well defined process in what we do from beginning to end. This lets us do the most work done for the least amount of time and also ensures that our process and findings are repeatable by others.
Plan – Based on the amount and type of evidence we will construct a plan to help isolate target devices and identify before hand any potential problems. This targeted approach allows us quickly collect the evidence and reduce impact to the user. DeeDoc Forensics will work with investigators and security personnel to identify and target sources of evidence, gain an understanding of the case and apply the proper Computer Forensic Procedures.
Collect – Once the device to collect have been identified we use documented best practices to quickly and securely collect the evidence ensuring proper chain of custody and admissibility. We maintain the most cutting edge hardware for collecting evidence from a wide variety of computer storage devices and other electronic devices.
Exclusion – Many files on a hard drive are not of interest to an investigation as they are standard operating system or program files found on almost all computers. We use techniques that allow us to positively identify these files as the original unmodified files and then exclude them from further analysis. This technique does not alter the collected evidence in anyway and allows us to focus our search on only potentially relevant ESI.
Analysis – With only potentially relevant ESI to analyze our turn around times are some of the fastest in the industry. Not only are we quick but our in depth understanding of hardware and software interactions allows us to find ESI that many others would fail to locate.
Report – Our report includes all the required documentation such as findings and chain of custody reports as well as a detailed report explaining all relevant evidence found, how it was found, and how it is relevant. We offer several different reports that target those are and are not technical savvy.
We hold ourselves to the highest standard of ethics and conduct. All the methods, tools, and techniques are well know to the forensics community. We do not use proprietary of secretive methods and will justify any of our tools or methods used. Our process is fully transparent and verifiable.