Incident Response / Forensics

Networks and computers are exposed to frequent cyber attacks; the threat is very real. Networks should be defended through layered defences consisting of Intrusion Detection Systems (IDS), firewalls, antivirus/malicious logic applications and Intrusion Prevention Systems (IPS). While these layered defences are effective against external threats, they offer very little to mitigate an attack from an insider or, in the case of a breach, to support streamlined incident response.

Counter the threat from within

Warrior’s “Counter E” was designed to assist first responders and network analysts in the rapid and accurate assessment of suspicious workstation or network activity. This solution provides network administrators and information security personnel with mechanisms to effectively counter threats posed by insiders to the security and integrity of corporate networks and the data contained therein.

Insider Detection / Surveillance

Identification of insider activity requires forensically sound and robust data harvesting techniques. System events and activity offer vital clues for detecting insider activities such as permission elevation, covert data tunnels, and data exfiltration. The Counter ‘E’ Agent is designed to monitor, collect and analyze these fragments of evidence and alert network defenders. This comprehensive data collection capability allows administrators or analysts to rapidly determine the nature of suspect activity. These remote forensic capabilities include, but are not limited to, the collection and retrieval of user information, network information and associated processes, screen captures, and remote forensic disk and RAM imaging and analysis.