Get a Quote

Required *

 
 

Services

Digital forensics, which includes both cellular forensics and computer forensics (this includes CFE, digital fraud investigations and service of summons in South Africa) is the service of collecting, preserving, analysing and then presenting digital-related evidence. We use complex techniques and state-of-the-art software to identify, collect the evidence, examine what we find and then preserve all the data.Our lab services include Device Cloning using FTK for live imaging, uReach cloning devices and a variety of triage products. We support Cellebrite and Magenet Axiom for device acquisition and deep-searching to get the maximum available data.

Our digital forensics services as well as our cellular forensics services are generally designed around the needs of attorneys, investigators and forensics audits, but we also cover a wider scope. Do not hesitate to contact us if you wish to have a confidential discussion around your particular requirements.

We generally work directly for private investigators, polygraph examiners, attorneys and similar parties although we can accept a direct brief from a corporate entity that requires our services. We are able to assist bona fide law enforcement agencies with the procurement of forensic software and hardware once credentials have been verified.We are based in Cape Town and Pretoria in South Africa with reach to the coastal areas of Durban and PE through our network of associates.

Please see below some of the digital forensic services and cellular forensics services we provide, in Cape Town and nationally.

line
line

Incident Response Team

Our IRT is able to deploy to your site quickly based on your incident response plan or, of course, our incident manager will work with you to create a plan based on your specific requirements if you do not have one.

Business Continuity Planning

Business continuity planning, while not specifically a forensic service, relies heavily on the abilities of a response team and forensic specialists following an incident. As such, we have a wealth of experience to bring to the table when drafting and reviewing your BCP.

Cyber Penetration Testing

Within the realm of network and online security it is often necessary to conduct penetration tests in a controlled manner to highlight network vulnerabilities. This obviously has to be conducted in the context of existing threats and known vulnerabilities as well as up-to-date insight into how the cyber security field is growing and changing.

Hacking Recovery

Hacking is a reality of online connectivity. In a marketplace where businesses are heavily dependent on online access to data as well as services to conduct business.

Cyber Investigations

Online Fraud, supplier fraud, identity theft and corporate identity theft are on the rise in South Africa. Business hubs such as Cape Town, Pretoria and Johannesburg are awash with crime syndicates who have perfected the art of commercial identity theft.

Cellular Phone Analysis

With the advent of smart phones, investigators and attorneys have been faced with a new challenge. The knowledge that critical evidence exists and rests within that handset is a cause of frustration if one cannot access it in a forensically sound manner.

Hard Disk Drive Analysis

Data recovery and hard drive analysis have always been seen as two separate skillsets within the IT industry. Not anymore!

Device Acquisition

When there is the suspicion of fraud or malfeasance, it is often prudent to acquire a forensically sound image of a drive as a matter of urgency. This is often done as a precautionary measure when key members of staff leave the employ of the company.

Testimony

Achieving a digital result is only part of the puzzle as any investigator or attorney would affirm. The ultimate requirement is for testimony that will stand up to scrutiny in a court of law.

Due Diligence Investigations

Trading in South Africa can be daunting for both local and offshore companies. With rising levels of fraud, tender rigging, fronting and other commercial crimes, it is imperative that a due diligence is conducted.

Image Enhancement

Our forensics team are able to provide static image enhancement as well as digital video enhancements. Please bear in mind that results are most often dependant on the quality of the original image and we will require the highest resolution output that you are able to deliver before we can assess what the enhancement potential will be.

Certified Fraud Examiner Services

A CFE (Certified Fraud Examiner) is an individual with a range of skills that is not often found in any other career field. CFEs combine an extensive knowledge of financial transactions with an understanding of investigations and law to settle fraud claims.

Service of Summons

As a value added service to our clients abroad, we are offering a summons processing/service in South Africa.

Incident Response Team

Our IRT is able to deploy to your site quickly based on your incident response plan or, of course, our incident manager will work with you to create a plan based on your specific requirements if you do not have one.

Our IRT services include communications packages, data packages, penetration test kits, triage kits and the ability to seize a large number of electronic assets for analysis. On-site acquisition is typically via UR each cloning devices depending on the clients requirements for either a logical or physical acquisition.

We are equally able to clone cellular devices on the fly for detailed analysis. For cellular devices we favour world leaders Cellebrite or Magnet. While deep diving of data (analysis) is capably handled by Magnet Axiom. We are able to generate portable case files for your convenience and off-site analysis.

Our Incident Response Team is typically comprised of a Team Leader, and then augmented by specialists who will acquire identified equipment, perform triage and if necessary assist with network lockdowns. Our Cape Town team has a wide area of expertise including ransomware and fraud response.

While our core Incident Response Teams are based in Cape Town and Pretoria, we are none the less able to mobilise skills to most countries on the African continent.

Our IRT has been deployed on average twice a month over the past year around the country to assist companies that have been affected by ransomware, subject to internal fraud, online fraud or have been compromised internally by syndicates.

In the background, our IRT is supported by a dedicated service desk that conducts active research while the team is on the ground, ensuing that information is current and accessible at all times.

Business Continuity Planning

Business continuity planning, while not specifically a forensic service, relies heavily on the abilities of a response team and forensic specialists following an incident.

As such, we have a wealth of experience to bring to the table when drafting and reviewing your BCP.

We offer valuable insight into an array of options that may be of vital assistance in returning your operations to a stable platform post-crisis.

We invite contact in this regard to discuss how we may be of service to you. Please note that this service is available in Cape Town and Pretoria and elsewhere by prior arrangement.

Penetration Testing

Within the realm of network and online security it is often necessary to conduct penetration tests in a controlled manner to highlight network vulnerabilities.

This obviously has to be conducted in the context of existing threats and known vulnerabilities as well as up-to-date insight into how the cyber security field is growing and changing.

Our Pen Test team is able to conduct deep scans of your network using a deployed agent and remote access as well as conducting testing on the physical layer.

We provide comprehensive reporting and analysis of our findings complete with recommendations for remediation of the highlighted vulnerabilities.

Much as one would conduct a security review of a home to ensure that it’s as safe as it can reasonably be, our specialists take an outside-in approach. Penetration testing is the electronic equivalent of breaking into your own building to highlight the risk areas so that these can be addressed.

Hacking Recovery

Hacking is a reality of online connectivity. In a marketplace where businesses are heavily dependent on online access to data as well as services to conduct business.

Our Incident Response Team is generally the first step in recovering from a systems breach. While most companies have in-house and contracted skills to manage and administer their network, it’s not uncommon that outside specialist skills are needed to recover from a serious breach.

Our team are spread between Cape Town, Pretoria, London and Sofia and largely work via remote connection. This enables us to function 24 hours a day if required to restore network integrity.

A key component of this service is the ability to gain rapid insight into the structure of the network, analyse any malware that is located and develop pattern matching of the attacker.

We are one of a handful of companies worldwide who have an on-call psychologist with a solid IT Security foundation to guide us in profiling an attacker, understanding their patterns and, of course, their motivation. Coupled with the appropriate skillsets, this enables us to predict the next course of the threat and counter it appropriately.

Our strategic partnership with Data Keepers (hyperlink) means that we are able to offer a broad range of disaster recovery options in the server-on-demand area. Cloud Based services are an integral part of the modern Disaster Recovery Plan where otherwise costly replacement servers can be used on a scalable basis to restore network access rapidly and reliably.

Cyber Investigations

Online Fraud, supplier fraud, identity theft and corporate identity theft are on the rise in South Africa. Business hubs such as Cape Town, Pretoria and Johannesburg are awash with crime syndicates who have perfected the art of commercial identity theft.

Our internal analysts will review the circumstances of any attempt or loss and assist with the investigative process. We have abilities within the areas of e-mail tracing, cellular phone tracing and, of course, suspect baiting.

Our teams are familiar with the different role players in this market and are constantly staying abreast of the latest trends.

We invite you to join our newsletter to stay abreast of the latest trends in online fraud and scams. Forewarned will always be forearmed.

Again, we are privileged to have a qualified psychologist on hand with experience in cyber security that is able to guide and advise us in building a suspect profile when required.

Cellular Phone Analysis

With the advent of smart phones, investigators and attorneys have been faced with a new challenge. The knowledge that critical evidence exists and rests within that handset is a cause of frustration if one cannot access it in a forensically sound manner.

We offer two levels of accessibility to handsets, namely logical and physical acquisition. Logical being a direct clone of all the data on the cellular handset and physical being a complete clone of the entire device including deleted information that may still be accessible.

We use the very latest technologies for accessing the above and for more complicated matters we are able to offer JTAG and Chip-Off services.

As with most of our forensic services, we are able to offer a portable case file so that the data can be analysed at your convenience. We do offer an analysis and linking service should you require.

Please note that while we do offer these services directly at our Cape Town and Pretoria offices, however these can be time consuming in terms of the size and complexity of the handset and as such run a standard 72 hour lead time on cellular forensics.

Equally we must be explicit – we will not recover your wife’s / husband’s / girlfriend’s or boyfriend’s WhatsApp’s, locate their phone in the dead of night or recover images from their handsets. We require written consent of the owner of the device before work commences and we do not accept any matrimonial work unless directed to us through an attorney.

Hard Disk Drive Analysis

We offer detailed drive analysis and recovery of artefacts all in one. Using a physical image of the hard disk drive, we are able to provide a deep scan of deleted items and trace elements from a hard disk drive.

We use world leader Magnet Axiom for hard disk drive analysis along with a handful of proprietary tools and industry accepted technologies. While we are able to offer on-site triage and acquisition, data analysis is best done within our lab as it is a time consuming and resource intensive operation. We run the latest i7 processing units to minimise analysis time and deliver fast results in the form of a portable case file that you may interrogate at your convenience. We follow a full secure chain of custody from device acquisition through to analysis and return of exhibits. Our lab facility is based in Cape Town and available for quantified inspection should this be required. In the normal course of business our lab has been inspected by various official agencies and corporate entities for compliance.

Cellular Phone Debugging

So, you’re worried that your phone has been hacked and cyber criminals are potentially spying. YES – it is possible for them to access your private information such as your online banking and social media account and pass it along to fraudsters.

In most spyware or malware cases, you will not notice your device is infected because it will be operating silently in the background, is barely noticeable and can disguise itself as an authentic application. 

Here are some signs that could indicate an infection…

- Frequent pop-up adverts
- Fast battery drain
- Random shutting down
- Strange messages
- Performance problems
- Fast data usage
- Crashing apps

Remove all traces of any spyware or malware from your cell phone with our affordable, effective cellphone debugging services. Here’s what we offer:

Walk-in: The cell phone must be brought into one of our offices in either Cape Town or Pretoria. Please note you MUST book 24 hours in advance - we cannot perform a scan without a booking. (This will take about one hour depending on the size of your cell phone's memory.)

Couriered: We will collect your cell phone by courier, ship it to our Cape Town or Pretoria office, check it and debug it if need be, and then send the report and the phone back to you. (This will take about four business days depending on the size of your cell phone's memory.)

Device Acquisition

As such we provide a hardware based cloning service which incorporates MD5 hash comparison to ensure that we have a 100% image of the source drive.

Our Cape Town and Pretoria offices are suitably equipped to provide this as an in-house or on-site service subject to availability. This service is generally a component of our Incident Response Service (hyperlink to page) however it can be used independently should you so require.

Testimony

Our analysts are able to assist with expert testimony as and where required within our field of expertise.

Please do not hesitate to contact us if we may be of service in this regard.

Due Diligence Investigations

We offer a digital due diligence service and work in conjunction with seasoned commercial investigators and private investigators as required to build a comprehensive picture of companies and individuals.

Our services include reputational management, digital tracing, company ownerships, lifestyle analysis and cross linking. Should you require our services in this regard, we invite you to make contact with us directly to set up an appointment at our Cape Town or Pretoria offices, alternatively to engage in a skype or telephone conversation around your direct needs. We engage with local and international companies to perform due diligence reports on a retainer basis as well as ad-hoc. Reputational management services are by retainer or via our Incident Response Team Services (hyperlink to that page).

Image Enhancement

While we would dearly love to provide a “CSI” type service where the smallest reflection in someone’s sunglasses reveals a crystal clear image of a suspect – this is limited to what we term “the elusive Hollywood” computer system.

We will gladly review your image(s) at our Cape Town or Pretoria offices and offer you a no-charge assessment of how much adaptive work can be done with the images you have available. From that point we will be able to offer an estimate of costs.

Certified Fraud Examiner Services

A CFE (Certified Fraud Examiner) is an individual with a range of skills that is not often found in any other career field. CFEs combine an extensive knowledge of financial transactions with an understanding of investigations and law to settle fraud claims.

A CFE offers a unique set of expertise in detecting, preventing and then investigating fraud – allowing your business to uncover fraud sooner and avoid losses that can negatively affect your organization. No organisation is completely safe from fraud and the damage that it can cause. From large corporations to small family-run businesses, fraud is often inescapable, resulting in a devastating outcome. Our CFEs in South Africa can protect you, your organisation and strengthen your overall anti-fraud efforts. We offer a range of digital forensics services including CFE in South Africa which can protect you, your organisation and strengthen your overall anti-fraud efforts. Are you looking for a CFE (Certified Fraud Examiner) in South Africa to conduct digital fraud investigations? Feel free to contact us on This email address is being protected from spambots. You need JavaScript enabled to view it. or call 021 110 0422 | 087 001 0523 if you wish to discuss your specific requirements.

Service of Summons

As a value added service to our clients abroad, we are offering a summons processing/service in South Africa.

We are able to affect the service of legal processing/summons in the following areas in South Africa:

  • Cape Town
  • Durban
  • Johannesburg

Please note that we may be available to offer our services to clients in other, additional areas on request. Service is executed by experienced process servers with supporting statements issued and commissioned to that effect. Generally we offer summons processing/services around the needs of attorneys, investigators and forensics audits, but we also cover a wider scope.

For additional information or discussions around the serving of legal process/summons in South Africa as well as additional areas, please do not hesitate to make contact with us directly on 021 110 0422 | 087 001 0523 or This email address is being protected from spambots. You need JavaScript enabled to view it.