iForensics Digital Inc. CEO Po Huang

According to the announcement of ‘Information Security Law and Regulations’ in Taiwan in 2018, once there’s an information security issue happening in the digital system, investigation must be conducted. Furthermore, evaluation of the scope of the incident’s effects and the root cause analysis are necessary in addition to avoid the same thing from happening. Among the attacks, the most difficult one to defend is the advanced persistent threat (APT). From small as a home security system to large as factory or national facility control systems, if these systems are invaded, it would often be a great loss.
The mobile platform and the cloud system have been the targets of cyber threats. iForensic has engaged in Digital Forensics for years, among the cases, we have noticed that the percentage of the case in related with Cloud Forensics and APP Security Investigation has increased recently. As the Cloud Application develops, the retention of digital evidence has been more and more significant, also, we have to take the non-repudiation into consideration. Unlike the traditional anti-virus engines using static analysis, eDetector, our own- developed malware detecting and blocking tools, can rapidly collect evidence, detecting and analyzing by sending abundant agents to conduct the real-time host memory dynamic analysis, whitelist learning and various evidence collection and analysis.
After identifying the suspicious target with eDetector, comprehensively create an image file of it and then investigate with Magnet Axiom, the advanced all-in-one forensics software, to shorten the investigating process and to complete the investigation rapidly.
Facing the fast evolution of threats in the upcoming future, how to quickly find out the cause and fix the vulnerability has been a new information security concept which is currently a lack to the industry. Rome wasn’t built in a day. A perfect defending solution takes time. Learning from the incidents and minimizing the loss is the best weapon for the information security personnel so far.