forense.io
Digital forensics with preserved chain of custody
Specialization in digital forensics following ISO 27037/27042 — judicial expertise, corporate investigation, incident response.
why it matters
Digital evidence is volatile and can be destroyed in minutes.
Digital forensics is essential for judicial investigations, incident response and compliance.
forense.io conducts expertise with ISO 27037/27042 methodology, preserving chain of custody and producing defensible reports in court.
typical use cases
Ransomware: Company needs to determine entry point and scope of compromise
Memory forensics (RAM), disk cloning (bit-by-bit) and logs to map attacker TTPs and incident extent.
Data breach: Track how CPFs/cards left the company
Analysis of database access, network logs, emails and devices to identify exfiltration vector and authorship.
Corporate investigation: Internal fraud or IP violation
Endpoint forensics (emails, WhatsApp Desktop, Google Drive) respecting LGPD and preserved chain of custody.
Legal process: Expertise of seized device (notebook, smartphone)
Credentialed judicial expert performs technical examination with structured report and oral defense in hearing.
main resources
Complete forensics expertise following international standards
Disk Forensics Analysis
Bit-by-bit cloning, deleted file recovery, filesystem analysis (NTFS, ext4, APFS).
Memory Forensics (RAM)
Analysis of processes, network connections, in-memory malware and volatile credentials.
Mobile Forensics
Logical/physical extraction of smartphones (iOS/Android), app analysis, WhatsApp, Telegram.
Network Forensics
PCAP analysis, firewall logs, IDS/IPS, HTTP/HTTPS session reconstruction.
Timeline Analysis
Chronological reconstruction of events (file system, registry, logs) to understand attack sequence.
Chain of Custody
Complete documentation of preservation, collection, transport and evidence analysis (ISO 27037).
Expert Reports
Structured technical reports with ISO 27042 methodology, reproducible and defensible in court.
Expert Testimony
Oral defense of report in judicial hearings with language accessible to legal professionals.
Counterproof and Re-examination
Critical analysis of third-party reports, identification of methodological flaws and second opinion.
Evidence Preservation
On-site or remote collection with certified tools and cryptographic hash for integrity.
forensics metrics
Track record of forensic excellence
forensic process
From initial contact to final report in 2-4 weeks
Initial Contact and Triage
Understanding the case, type of evidence, urgency and objectives of forensic analysis.
Preservation and Collection
On-site or remote evidence collection with certified tools and complete documentation.
Forensic Analysis
Technical examination of evidence following ISO 27042 methodology and NIST guidelines.
Expert Report
Structured technical report with findings, methodology, conclusions and attachments.
Presentation and Testimony
Report defense in court (if applicable) or executive presentation to client.
Need expertise or investigation?
Request forensic analysis for incidents, legal processes or corporate investigations.