
Analysis on Demand

In-depth incident investigation & root cause analysis.

Our Specialized Analysis Team

Our team has specialized skillsets in forensics, malware analysis, and threat intelligence, providing in-depth investigation and root cause analysis that delivers tactical and strategic response actions to drive security maturity. Analysis on Demand produces thorough investigations of security incidents that require additional analysis.

Analysis on Demand Benefits

Analysis and Response

When an event occurs that requires additional attention, you have access to a pool of on-demand hours for tier 3 advanced analysis. Our team of experts specializes in digital forensics, malware analysis, and threat intelligence and is equipped to handle complex incidents.

Incident Investigation & Root Cause Analysis

Our team conducts a thorough investigation of the incident to identify the root cause and extent of the damage. We use advanced tools and techniques to collect and analyze digital evidence.

Mitigation Recommendations

Once we have identified the root cause, we develop a strategic and tactical mitigation plan to prevent similar incidents from occurring in the future. Our team collaborates with your organization to ensure that the plan aligns with your specific needs and goals.

Incident Reporting

We provide timely and comprehensive incident reports to keep you informed throughout the process. Our team works closely with your organization to ensure that communication is clear and transparent.


Analysis on Demand in Action

Email Alert

You receive an alert for an email containing a suspicious PDF attachment. A quick triage of the attachment determines it to be benign; however, you remain suspicious and request Analysis on Demand support from Binary Defense.

Attachment Analysis

Analysis of the PDF attachment uncovers obfuscated JavaScript in a compressed object stream.

JavaScript De-obfuscation

De-obfuscation of the JavaScript reveals malicious shellcode. The shellcode is run in a sandbox environment for dynamic analysis, revealing key Indicators of Compromise (IOCs) across the Cyber Kill Chain and providing defense in depth.

Incident Reporting

The IOCs are then added to the Binary Defense Threat Intelligence Platform and sent to your security team so that detection platforms not managed by Binary Defense can be updated.

Brief and Report

Your team is briefed on the analysis and provided with a detailed report containing tactical and strategic mitigation recommendations.