M-Imaging and M-Analysis

AGREEMENT BETWEEN YOU AND Computer Forensic Kenya

The Computer Forensic Kenya  Web site is comprised of various Web pages operated by Computer Forensic Kenya  . The Computer Forensic Kenya  Web site, and corresponding products and services, are offered to you conditioned on your acceptance without modification of the terms, conditions, and notices contained herein. Your use of the Computer Forensic Kenya  Web site, and Computer Forensic Kenya  products and services constitutes your agreement to all such terms, conditions, and notices.

MODIFICATION OF THESE TERMS OF USE

Computer Forensic Kenya  reserves the right to change the terms, conditions, and notices under which the Computer Forensic Kenya  Services are offered, including but not limited to, the charges associated with the use of the Computer Forensic Kenya  Services. If you do not agree to the changes proposed by Computer Forensic Kenya  with respect to the Computer Forensic Kenya  Services, your sole and exclusive remedy is to terminate your use of the Computer Forensic Kenya  Services. Unless explicitly stated otherwise, any new features or products that change, augment or enhance the current Computer Forensic Kenya  Services shall be subject to these Terms of Use

LINKS TO THIRD PARTY SITES

The Computer Forensic Kenya  Web site may contain links to other Web sites (“Linked sites”). The Linked sites are not under the control of Computer Forensic Kenya  and Computer Forensic Kenya  is not responsible for the contents of any Linked site, including without limitation, any link contained in a Linked site, or any changes or updates to a Linked site.Computer Forensic Kenya  is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Computer Forensic Kenya  of the site or any association with its operators

NO UNLAWFUL OR PROHIBITED USE

As a condition of your use of the Computer Forensic Kenya  Services, you warrant to Computer Forensic Kenya  that you will not use the Computer Forensic Kenya  Services for any purpose that is unlawful or prohibited by these terms, conditions, and notices. You may not use the Computer Forensic Kenya  Services in any manner that could damage, disable, overburden, or impair the Computer Forensic Kenya  Services or interfere with any other party’s use and enjoyment of the Computer Forensic Kenya  Services. You may not obtain or attempt to obtain any materials or information through any means not intentionally made available or provided for through the Computer Forensic Kenya  Services

The process of collecting data and media imaging can be tricky.  The most critical factor in this process is preservation of the source data in its pristine format.  Any attempt at collecting data or media imaging that is not done following proper preservation steps and with the necessary equipment, can both disrupt the original data and not create an exact image of the original media.

We have the ability to perform either on-site or in-lab, forensic data collection and media imaging services.  Our collection and media imaging services are performed using with sound forensic methods and industry accepted practices.  This includes utilizing only industry accepted hardware and software for all collection and imaging process.

The collection / imaging process involves all the necessary write-blocking devices and duplication equipment needed to create what is known as a bit-stream image of your media.  A bit-stream copy is an exact “bit-for-bit” copy of your original media. This includes not only normal files, but files that reside in the area know as unallocated space where many deleted files and file fragments can exist.  Furthermore, we can create images in various formats including:

  •     DD (Raw)
  •     E01 (EnCase)
  •     AD1 (AccessData)
  •     AFF
  •     SMART
  •     Single Capture


Plus various others.

All images created are verified with the industry standard MD5, SHA1, and/or SHA256 hashes to assure you that you have an exact copy of the source media.

Digital Forensics Analysis

Offline Host Analysis
This is usually the most appropriate method following a breach of an organizational policy, such as theft of intellectual property, use of an organizations assets or resources for illicit or illegal purposes, or system compromise due to malware or a targeted attack. Investigation techniques used include analysis of deleted emails (including those sent using web-based email systems like Hotmail or Gmail) and email attachments; registry analysis covering the use of USB devices; file system analysis incorporating recovery of deleted files; file signature searches and manual file system reviews; timeline analysis; keyword analysis; and a detailed analysis of Internet usage.


Live Host Analysis

This is usually most relevant in situations where it seems likely that evidence is contained inside the system memory, which would become inaccessible if the system is powered down; or if the system in question is so important to an organization that powering it down would create an unacceptable level of disruption.

To seek out malware which is operating at low levels of the operating system and can modify native functions without the knowledge of that operating system, we use the following techniques:

  •     Memory analysis
  •     Network connections and traffic analysis
  •     Registry analysis (including use of USB devices)
  •     Running process analysis
  •     Rootkit detection


Sandbox Testing

In addition to the off-line analysis of media, CFK investigators are able to carry out ‘behavioral’ analysis. This involves connecting the media to a virtual machine in a virtual environment without being connected to the Internet. This technique is particularly useful in malware investigations where malware will try to call out to command and control infrastructure.
Reporting

At the end of any digital forensics investigation CFK will provide the client with a thorough report of the incident, signatures of any malware extracted, an assessment of the potential damage sustained in an incident, and recommendations to avoid a potential repetition of the incident.

CyberSecurity Training

Insurance industry has grown very fast in Africa and the growth can be attributed to technology adoption.

However the insurance industry is still struggling with cyber fraud and fake claims resulting to loss of billion of dollars.

At CFK we will ensure that your business stay safe by offering the following services:

1. Cyber fraud investigation awareness

2. CyberSecurity awareness and training

3. Digital forensics awareness and training

4. Fake claims investigations

5. Online brand protection

+ Many more as per clients requests

Kindly stay in touch with us through This email address is being protected from spambots. You need JavaScript enabled to view it. for great service

"We deliver on promise"

Law firms are facing a big challenge towards electronic discovery (E-discovery)

At CFK we have partnered with providers of E-discovery software systems which simplify that process for the lawyers.

CFK has years of experience helping law firms in the following areas:

  •     Expert Testimony in the areas of Digital Forensics, E-Discovery, and Cyber-crime
  •     Expert Reports and Rebuttal Reports
  •     Preparing Affidavits
  •     Deposition and Courtroom Support


Talk to us today through This email address is being protected from spambots. You need JavaScript enabled to view it. to provide the guidance needed for the electronic evidence to be admitted to the court.

"We deliver on promise"

CFK News Scroller

CFK associates is a pan African consulting firm with its headquarter in Nairobi Kenya. We are leaders in digital risks and investigations in the region. We have strong network of associates specializing in different areas of profession.

Our vision is to be the leader and set pace in digital forensics in Africa

Our mission is to provide our clients with world class experience through service provision.

Our slogan: "We deliver on promise"

What is Digital Forensics?

Digital forensics is the scientific process of capturing (imaging) and analyzing information stored in any electronic format, for the purpose of investigating allegations, to find the truth, with no predisposition as to the outcome. It is a highly technical discipline requiring a combination of unique skills relating to computer technology and software, formal investigative experience (law enforcement), proper evidence handling methods, and judgment. Computer forensics can be the key to:

  • Learning the truth
  • Taking appropriate action based on the facts
  • Winning the case.

At CFK we specialize in the listed services:

  • Digital Forensics (Computers and Mobile devices)
  • CyberSecurity Strategies and Management
  • Inappropriate Data Duplication
  • Private Investigation of Cellphone/Mobile Phone
  • Cyber Fraud and Money Laundering Investigation
  • Documents examination
  • Industrial Espionage
  • Online Brand Protection
  • Internal Corporate Investigation
  • Breach of Contract
  • Computer Break-ins
  • Digital Pornography
  • Inappropriate Internet Usage
  • Internet Abuse
  • Inappropriate Email Usage

Area of operation

We operate in the whole of Africa through our extensive network of associates who represents us in their respective countries