Solutions > Digital Forensics and Incident Response

Digital forensic investigations, proactive threat hunting and cyber breach response

CyberCX has the region’s largest and most advanced investigation and response practice. Our dedicated team of specialists are ready to help your organisation conduct forensic investigations and respond to cyber incidents.

We have led the cyber breach response for some of the most sensitive, complex and high-profile incidents in recent years. But we also help to secure our communities by working with organisations of all sizes, across all sectors, and at all stages of their cyber security maturity.

Report a cyber incident

CyberCX Best Practice Guide

Ransomware and Cyber Extortion

Seven practical steps to protect your organisation

Plus advice on how to respond if an attacker does overcome your defences. Includes our methodology for answering that most difficult question “should you pay a ransom?”

CyberCX Best Practice Guide

Ransomware and Cyber Extortion

Seven practical steps to protect your organisation

How to protect your organisation. Australian and New Zealand organisations face growing risks from cyber extortion, including ransomware.

Sovereign capability across Australia and New Zealand

With over 35 dedicated staff, we offer a truly sovereign capability ready to quickly deploy when needed. Our unique approach combines the dynamic response of a boutique team with the scale and depth of an international provider.

Unmatched insight into the regional threat landscape

We perform detailed forensic investigation and response on over 300 serious incidents every year. Our scale and expertise gives us an intimate understanding of the threat actors targeting our region, which helps us quickly focus our investigations for the most effective outcomes.

Broad and deep technical expertise

We are a highly specialised team of technical experts. Our team members are not generalists. Each brings deep expertise which combine to cover all areas of digital forensic investigations, threat hunting and cyber breach response.

Complete incident response

Gain the confidence of support from internationally recognised experts with local insight who understand that responding to a critical incident requires more than technical expertise, and who provides truly end to end capability across cyber incident coordination, crisis communications, digital forensic investigations, cyber incident response, ransomware recovery and complete system restoration.

Our Solutions

Comprehensive cyber breach response and recovery support

We offer comprehensive support to confidently respond to and recover from a cyber breach, from initial detection to full operational restoration, plus resilience against future attacks. Our services include:

Fully integrated response and recovery services

Restoration of systems and networks

Proactive compromise assessment

Deep forensic analysis to reconstruct attacker activities

Ongoing security monitoring post-breach

Eradication / eviction of attackers from the environment

Security testing and remediation

Independent risk assessments for customer assurance

Our technical capabilities
include:

Deep forensic analysis of compromised systems

Live network threat hunting

Enterprise-wide evidence collection and forensic analysis

Advanced endpoint monitoring

Memory collection and forensic analysis

Malware reverse engineering

Retainer services built for partnership, not profit

We provide an industry-leading retainer developed to foster a true partnership with our clients. We’re more than just a phone number to call as a last resort.

Before a breach

Pre-agreed contract – to streamline engagement when incidents occur.
Onboarding workshop – our investigators learn about your environment and agree how breaches will be responded to.
Regular cyber intelligence updates – to keep you appraised of the local threat landscape.
Proactive threat hunting – to proactively identify evidence of breaches and exercise breach response capabilities to prepare for a real incident.
Cost-effective – low base retainer fees provide unlimited 24×7 triage response advice, with additional services and fees only if required.

When a breach happens

Fast triage response – standard four hours (with option to upgrade).
Uncapped access to triage response advice when high-risk situations occur – call us whenever, and as often as you need, without paying any additional fees (unless you need additional services beyond initial triage and advice).
Discount on any additional response services – pay for additional services only if needed, with a significant discount.

“Threat intelligence is a force-multiplier for cyber security. We work together with our customers as their intelligence partners.“

– CLAUDIA MULLER
Lead Cyber Intelligence Analyst

Digital Forensic Investigations

For us, “forensics” isn’t just a marketing term. Our team’s work is deeply rooted in our core digital forensics expertise, and all our work is performed using appropriate tools and methods that allow the work and findings to be relied upon in legal, regulatory and other proceedings if required. Our team includes some of Australia’s leading digital forensic investigators who have performed thousands of investigations and presented expert evidence in legal proceedings.

Our digital forensic expertise includes a broad range of incidents, including:

Company investigations

Data theft investigations

Commercial litigation

Regulatory investigations

Criminal proceedings

Expert opinion evidence

Preservation of evidence

Electronic discovery

Why CyberCX digital forensics, threat hunting and cyber breach response?

In addition to our scale, recognised expertise and significant operational experience our customers benefit from the following.

Intelligence led

We integrate tightly with the CyberCX Cyber Intelligence team and work alongside CyberCX Security Operations Centres to proactively hunt for new threats across our managed client networks and to seamlessly respond to high-risk detections. We can quickly identify new attack campaigns and affected organisations (sometimes even before they know something is wrong).

Information-sharing partnerships

We are a highly networked, collaborative team. We actively foster information-sharing across governments and industry sectors, reflecting CyberCX’s mission to secure our communities, and giving us access to high-value threat information.

Collaboration with cyber insurers

We have a strong practical understanding of cyber insurance needs and work closely with insurers to ensure our work is properly defined against policy requirements, making any subsequent claim process as smooth as possible.

Forensic rigour

Our work is performed using appropriate forensic techniques, allowing evidence and findings to be relied upon in legal and other proceedings if required. We work closely with our clients’ legal advisors to understand the implications of forensic findings and assist in meeting the client’s legal obligations.

Ready to get started?

Find out how a digital forensics, threat hunting and cyber breach response retainer partnership with CyberCX can help your organisation to quickly and effectively respond to and recover from cyber incidents.

Talk to an expert

Learn about our other practices

Strategy and Consulting
Strategic guidance from multi-disciplined security experts and industry leaders.

Governance, Risk and Compliance
Improve business outcomes and continuity with expert guidance and best practices.

Security Testing and Assurance
Quickly identify, manage and reduce security issues with comprehensive testing.

Identity and Access Management
Control costs and maintain appropriate access to your most critical information.

Network and Infrastructure Solutions
Design, integrate and deploy solutions to support your technology needs.

Cloud Security and Solutions
Improve business automation and scalability with design, build and secure cloud and data solutions.

Managed Security Services
End-to-end expertise delivered as a service, to achieve real business outcomes.

Digital Forensics and Incident Response
Recover rapidly from cyber incidents with our independent forensic investigators.

Cyber Capability, Education and Training
Develop skills, capabilities and cyber security know-how across your organisation.

Privacy Advisory
Managing privacy risk with expert guidance from our team of dedicated and experienced privacy professionals.

Cyber Intelligence
We empower decision-makers and security teams to become intelligence-led.

Navigation ▼

   Our Solutions
   Digital Forensic Investigations
   Why CyberCX digital forensics
   Talk to an expert

Digital forensic investigations, proactive threat hunting and cyber breach response

Ransomware and Cyber Extortion

Seven practical steps to protect your organisation

Ransomware and Cyber Extortion

Seven practical steps to protect your organisation

The largest and most advanced investigation and response team in the region

Sovereign capability across Australia and New Zealand

Unmatched insight into the regional threat landscape

Broad and deep technical expertise

Complete incident response

Our Solutions

Comprehensive cyber breach response and recovery support

Retainer services built for partnership, not profit

Digital Forensic Investigations

Why CyberCX digital forensics, threat hunting and cyber breach response?

Intelligence led

Information-sharing partnerships

Collaboration with cyber insurers

Forensic rigour

Ready to get started?

Learn about our other practices

Capabilities

Insights