M. J. Thompson Network Solutions
Incident Response experts routinely coordinate with high-level managers, network administrators, and network security personnel.
Our Incident Response experts are required to be proficient in the following areas:
The analysis and interpretation of packet capture (PCAP) data, which is retrieved from intrusion detection systems and sniffers;
The ability to decode malicious website links and payloads, which have been obfuscated with JavaScript;
The ability to identify compromised systems in Enterprise environments;
The acquisition and examination of Random Access Memory (RAM) dumps;
The acquisition and examination of running processes, listening ports, and established remote connections;
The acquisition and examination of system event logs, security event logs, and application event logs;
The acquisition and examination of web server logs;