Services Portfolio
Hunting Malwares
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of machines related to the incident.
Usage of tools to detect possible malware infections and incidents.
Execution of commands in the operating system to understand the infection and the incident.
Removal of threats by using appropriate tools.
Evaluation of vulnerabilities in firmwares for protection against infections caused by malwares' implants.
Report generation.
Presentation of the generated report.
Detection and Detailed Analysis of Malwares
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of machines related to the incident.
Memory acquisition (up to three acquisitions, depending on the degree of reliability, criticality and sensitivity of the data and the environment).
Acquisition of hibernation files and pagefiles.
Memory analysis for locating and understanding the infection causes.
Analysis of hibernation files and pagefiles.
Report generation.
Presentation of the generated report.
Advanced Malware Detection and Analysis
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of machines related to the incident.
Memory acquisition (up to three acquisitions, depending on the degree of reliability, criticality and sensitivity of the data and the environment).
Acquisition of disk image of each machine related to the incident (potentially two copies - online or offline).
Acquisition of hibernation files and pagefiles.
Acquisition of network packets of each machine involved to the incident.
Memory analysis for locating and understanding the infection causes.
Analysis of hibernation files and pagefiles.
Malware Analysis:
   a) Basic Static and Dynamic Analysis.
   b) Advanced Static and Dynamic Analysis.
Digital Forensic Analysis on disk and captured network packets.
Event correlation between memory, malware and disk results.
Report generation.
Presentation of the generated report.
Digital Forensics: Fraud and Data Leakage
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of machines related to the incident.
Memory acquisition (up to three acquisitions, depending on the degree of reliability, criticality and sensitivity of the data and the environment).
Acquisition of disk image of each machine (potentially, two copies - online or offline).
Acquisition of hibernation files and pagefiles.
Memory analysis for locating and understanding fraud and/or data leaks.
Hibernation analysis and pagefiles for locating and understanding fraud and/or leak.
Digital Forensic analysis on files, records, application data, and metadata.
Recovery of lost/deleted files directories (when it is possible).
Dynamic analysis on disk image of each system related to the incident (application behavior).
Event correlation between memory, disk and application data analysis.
Report generation.
Presentation of the generated report.
Hunting Malwares on Android
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of mobile phones/tablets related to the incident.
Usage of tools to detect possible mobile infections.
Execution of commands in the operating system on Android OS for gathering evidences.
Threat removal using tools.
Report generation.
Presentation of the generated report.
Detection and Detailed Analysis of Malwares on Android
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of mobile phones/tablets related to the incident.
Basic acquisition of the memory (optional).
Physical and logical image acquisition (when possible).
Basic Static Analysis of malwares.
Basic Dynamic Analysis of malwares.
Advanced Static Analysis (Reverse Engineering) of Malwares.
Digital Forensic Analysis on acquired physical and logical images (when possible).
Correlation of events between memory, malware and physical/logical images analysis.
Report generation.
Presentation of the generated report.
System and Application Crash Dump Analysis on Windows
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification, investigation and isolation of machines related to the incident.
Memory acquisition (up to three acquisitions, depending on the degree of reliability, criticality and sensitivity of the data and the environment).
Acquisition of existing crash dumps on selected machines.
Conversion of the memory dump to Windows dump file format.
Application dump analysis and/or system dump analysis.
Report generation.
Presentation of the generated report.
Infrastructure Security Analysis
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification of assets and software related to the structure of information technology.
Creation/Review of the company's Information Security policy.
Creation/Review of the Business Continuity Plan of the company.
Analysis of the Information Security Architecture.
Monitoring and evaluation of the process of implementation originated by proposed solutions.
Advice on the structure of Information Security.
Report generation.
Presentation of the generated report.
Forensic Analysis of iPhone Mobile
This activity consists of the following tasks:
Interviews with involved professionals to understand the incident.
Identification and isolation of mobile phones related to the incident.
Physical, filesystem and logical image acquisition (when possible).
Digital Forensic Analysis on acquired physical, filesystem and logical images.
Report generation.
Presentation of the generated report.
Data Privacy by using Cryptography
This activity consists of the following tasks:
Interviews with the company professionals to understand the goals.
Implementation and training of a 100% secure encryption tool for e-mail (not-AES, not-RSA).
Implementation and training of a 100% secure encryption tool for files/folders (not-AES, not-RSA).
Implementation of a Virtual-HSM (High Secure Module) to desktop and mobiles.
Secure Backup e Secure File Storage (ISO 27001 compliance).
Trainings and Lectures on Information Security
Introduction to Digital Security.
Hunting Malwares via Memory Analysis (1 and 2).
Malware Analysis (1 and 2).
Rootkits Analysis 1.
Crash Dump analysis (Faults in systems and applications) (1, 2 and 3).
Digital Forensic Analysis 1.
Internal Windows Architecture (1 and 2).
Exploit Development (1 and 2).
Malicious Document Analysis.
Malware Analysis and Digital Forensics on Android and iPhones.
BIOS and UEFI: going to lowest levels.
Counseling in CyberSecurity and Digital Threats
This is a special and differentiated service, which we act as advisors in the context of management and operation, consisting of the following tasks:
Executive interview for understanding the scenario.
Analysis of the technical feasibility of information security projects.
Consultancy advice on security projects.
Proposing solutions to improve the security infrastructure.
Follow-up and debates for the continuous improvement of the solutions in each phase of the project.
Coordination and management of security teams.
Support in running proofs of concept (PoC).
Management of the hiring of professionals for technical teams.
Digital Threat Detection Through Memory Analysis
This is a special and differentiated service, which we perform accurate detection of the presence of digital threats in systems that are suspected of having suffered malware infection and / or attacking without the use of standard protection software (such as anti-virus programs) detecting such threats.

This service consists of the following tasks:
Interview of professionals to understand the scenario.
Determination of the systems to be evaluated.
Acquisition of the memory of the selected systems.
Analysis and investigation of the collected memory.
Production of the report.
Presentation of the report.
Vulnerability Assessment and Penetration Testing
This service consists of the following tasks:
Interview of professionals to understand the scenario and goals of the company.
Definition of the scope of the task and choice of the test models to be performed.
Definition of the NDA (Non-Disclosure Agreement) contract and the actual time of the tests to be performed.
Performing of the vulnerability assessment and/or penetration test (external and/or internal, blind or double-blind).
Production of the report.
Presentation of the report.