Kroll is the largest global incident response provider with unrivalled expertise and frontline threat intel to protect, detect, and respond against cyberattacks.
No matter the type of data loss or cybercrime, Kroll has the experience and resources (human and technology) to move quickly, to discern, isolate and secure valuable relevant data and investigate the digital trail, wherever it may lead. For example, in the case of malicious insiders, we can combine computer forensic expertise with traditional investigative methodology, including interviews and surveillance, to retrace the behavior of people who may have had access to protected or proprietary information.
In the event of digital attacks, such as malware, ransomware or an email account compromise, Kroll’s cyber investigation teams can collect and examine physical and digital evidence to uncover important information, such as where, when and how an incident occurred—and if systems are still at risk. We will determine what data was compromised and whether digital evidence was erased or modified. We will also work with your teams to recover data, whenever possible, and recreate events and exchanges so that you have an accurate diagnosis to develop an effective recovery plan.
– Devon Ackerman, Managing Director, Global Head of Digital Forensics and Incident ResponseWith the rising concerns of ransomware and intrusions that leverage data exfiltration, Kroll’s incident response teams have not only the experience to properly investigate the many aspects of risk to data, but also the technical understanding of how to properly contain the threat and eject active actors from compromised networks.
A global software company based in Europe received an email from an anonymous source stating the sender had access to personally identifiable information, confidential financial data and IP source code for one of its subsidiaries. The sender gave Kroll’s client two weeks to pay a ransom of one million euros in bitcoin before it was leaked. Kroll's forensic investigators ascertained that an insider threat was the source of the infiltration, identified the individual responsible and provided the necessary evidence to assist with a prosecution.
For more details, read the full case study.
Elite DFIR | Litigation Support | Intelligence Platform |
---|---|---|
|
|
|
Communication | Remediation and Recovery | Notification |
---|---|---|
|
|
|
Kroll’s cybercrime investigation experts reflect our multidisciplinary team approach to problem-solving and leadership. In the event of litigation or regulatory action, we can work closely with general counsel, senior executives, audit committees or outside counsel at each stage to explicate forensics data and assure your objectives are met. If requested, we can assemble a case file for a referral to a regulator or law enforcement agency or serve as expert witnesses.
Below are a select few of our services available to support incident response, eDiscovery and cyber investigations:
Many more solutions are available, use the links on this page to explore them further or speak to a Kroll expert today via our 24x7 cyber incident hotlines or our contact page.
Improve investigations and reduce your potential for litigation and fines with the strict chain-of-custody protocol our experts follow at every stage of the data collection process.
Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Digital forensic experts investigate hundreds of Office 365 incidents per year and help strengthen your security.
Kroll’s Malware Analysis and Reverse Engineering team draws from decades of private and public-sector experience, across all industries, to deliver actionable findings through in-depth technical analysis of benign and malicious code.
Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.
In a business email compromise (BEC) attack, fast and decisive response can make a tremendous difference in limiting financial, reputational and litigation risk. With decades of experience investigating BEC scams across a variety of platforms and proprietary forensic tools, Kroll is your ultimate BEC response partner.
Award winning, Forrester-recognized eDiscovery specialist trusted by clients year after year with experienced professionals who provide support throughout the entire eDiscovery lifecycle.
Whether responding to an investigatory matter, forensic discovery demand, or information security incident, Kroll’s forensic engineers have extensive experience providing litigation support and global eDiscovery services to help clients win cases and mitigate losses.
by Eric Zimmerman, Andrew Rathbun
by David White
by George Glass
by Dave Truman
St Stephen's Green Residents Club's Inaugural Event
“As a Cyber Risk Retainer client, we have appreciated Kroll’s expedited response for potentially critical issues. Their subject matter expertise allowed us to contain a situation prior to it developing into a significant issue.” – Option Care Health | |
“Kroll's Cyber Risk Retainer program gave us the flexibility to utilize our retainer credits to help us accomplish some of our IT security goals during the year, while having the peace of mind that we had a Tier 1 partner to quickly respond if we had some type of cyber incident.” – Netscout Systems, Inc |