Threat & Forensic Analysis

Threat Categorisation

iZOOlabs provides a dedicated threat analysis and IT forensics platform to curate raw data into tangible and actionable threat responses. A great deal of our work is in data curation: taking vast amounts of raw threat data to the point of verifying the specific threat to clients, followed by threat analysis, forensic investigation and threat mitigation. Forensic reports and data can be sent to the client in real time and in a seamless manner, via a range of incident reports, data files, web services and API integration.

Threat Analysis

iZOOlogic employs a broad range of deep analysis techniques, from static and dynamic analysis to static and advanced analysis methodologies to deep dive into specific threat types. The iZOOlabs platform has an extensive capability that employs concurrent and emulator environments to discover and unpack a wide range of attack types and techniques.

The correlation of multiple analysis outputs on the fly and in near real time provides a comprehensive mechanism to discover and contextually understand the threat. Threat analysis dovetails into the Incident Response channel where threat sources and cybercrime infrastructure can be both monitored and mitigated as required. Threat analysis will afford clients forensic recoveries, risk assessment and recommended action points to mitigate the threat. iZOOlogic provides comprehensive incident reports including all forensic evidence and data made available in a variety of desired formats via the iZOOlabs Incident Management portal.

Forensic Investigations

iZOOlogic Threat Researchers and Security Analysts are highly qualified and skilled, with vast working knowledge and experience, and add great value to any cyber forensic investigation. iZOOlogic provides a great value-add and extension, allowing clients to outsource most primary investigations, and provides all available forensics in a contextual manner.

In addition, the iZOOlogic security and legal team is well versed in dealing with third parties such as hosts, registrars, global CERT teams and law enforcement to close the forensic loop, allowing the client to mitigate present and future threats.