Digital Investigations of Any Kind ONE COMPANY

Digital Investigations of Any Kind

ONE COMPANY

Cyber Intelligence Response Technology(CIRT)

www.accessdata.com

Who we are..AccessData has been in this industry for over 25 yearsOffices in Utah, Houston, San Francisco, London, Virginia, Maryland, Frankfurt, Dubai, Australia and ChinaMarket leader/ Best of breed technologies in Forensics and eDiscovery130,000+ Clients GloballyTrain over 6000 customers each yearSustained annual growth year after year of between 60% - 80% Gartner recognized as an Innovator in the space

Founded 1987Privately funded/ ownedHeadquartered in Utah, USLondon Office (training)FrankfurtDubaiMarket leader/ Best of breed forensic technologiesBest known for Forensic Toolkit (FTK) 130,000+ Clients GloballyTrain more than 6,000 individuals annuallySustained annual growth 60% - 80% YOYGartner Innovator in the space

2AccessData Product & Services

Host-based ForensicsIncluding Volatile Data

Data Audit

Paradigm Shift: An Integrated PlatformNetwork Forensics

Removable Media Monitoring

Malware Threat Scoring & AnalysisIntegrated analysis in a single platform w/ built-in remediationCIRT

Cyber Intelligence & Response Technology

SSL DecryptionThe Value of an Integrated PlatformIntegrated PlatformDATA SPILLAGE

Organization proactively performs audits using terms, such as confidential or top secret. All instances flagged for removal in accordance with policies. VIRTUAL WORKFORCE

Laptop checks in at intervals to be scanned for anomalies which are all recorded, including network and USB activity. Remote monitoring helps to identify any data theft or security breach.INTRUSION ALERT

Unauthorized port 443 traffic. Visualize communications, drill down into suspect host. Perform behavioral forensic analysis. Honeypot avoidance, crypto, dynamic loading, high entropy and other criteria indicate malware.Batch remediation function is leveraged.CREDIT CARD INFORMATION REPORTED

Help desk is called alerting them that employee discovered credit card information on an unsecure location. Company reactively conducts PCI audit to locate exposed credit card holder info.Instances are wiped. Findings are reported.ADVANCED MALWARE AND ZERO DAY DETECTIONProactive monitoring and the identification of malicious code behavior on multiple computers. Perform differential analysis of volatile data, perform malware analysis/ threat scoring. Analysis reveals malicious processes. Scan large enterprise for defined processes and/or similar behavior and issue batch remediation. Monitor for recurrence.

Multi-Team Collaboration for Improved Emergency Response

Introducing SSL Locksmith!!!

Encrypted Traffic is ExplodingEncryption is an integral part of cloud computing and is used to secure e-commerce, Web 2.0 applications, email and VPNs

SSL is the de-facto encryption standard

SSL usage market dataSSL makes up more than 25% of traffic in mostnetworks70% of traffic is encrypted in select verticals (health)52% CAGR in percentage of SSL-based WAN traffic

A large number of enterprise and Internet-based Web 1.0/2.0-based applications use SSLMicrosoft Sharepoint, Salesforce.com, SAP, Oracle, WebEx, Windows Update, Google business applications (Gmail, docs, sites), Instant MessagingThe increased amount of encrypted traffic in networks creates new threats and problems for network security

Over 1 million SSL siteson the netHow does SSL Locksmith WorkSSL Locksmith brokers SSL connections for its clients, by validating, and creating new internal certificatesClients must have SSL Locksmith Certification Authority certificate installed in order to broker SSL transactions

Perform Review of Encrypted Web Content

10