“How was the network initially compromised?”—This is the question investigators and incident responders hear every time they come to do their job. In fact, these days, most cyberattacks—advanced targeted and otherwise—start from a simple phishing email with a weaponized attachment or web link. In this whitepaper, we will examine the most common initial infection vectors and show how Belkasoft Evidence Center X helps incident responders and forensic analysts to find the needed evidence.

Download our whitepaper and get the basic plan on finding the initial infection vector including:

• Search for desktop mailboxes
• Search for webmail traces
• Look for attachments in emails
• Look for file-sharing services links distributed via emails
• Analyze USB device usage history
• Analyze RDP connection