AhnLab Products & Services

Forensic Services

Professional Digital Forensic and Incident Response Services

With its exclusive analysis technology and response know-how to a variety of security incidents, AhnLab provides forensic services for analysis and responses against advanced and sophisticated threats such as APTs (Advanced Persistent Threats).

AhnLab’s digital forensic service team, A-FIRST (AhnLab Forensics & Incident Response Service Team), is comprised of digital forensics experts in the areas of digital forensics, malware, networks and vulnerability. This team of highly dedicated and experienced professionals investigates the cause, scope of damage, and intrusion paths to prevent threats from reoccurring and spreading. This service will reduce your security costs by preventing reoccurring and spreading threats, and will enhance your security level. The Incident Analysis Service of AhnLab is provided for customers who need to analyze current and past intrusions. The experts at AhnLab forensic service team, A-FIRST, analyze corporate systems and networks to find the cause, scope of damage, and paths of intrusion, and then provide an analysis result report on their findings and customized guidelines to improve the security system.

Security Incident Analysis Service Process


Distinguished Security Insight

A-FIRST (AhnLab Forensics & Incident Response Service Team) is not only comprised of digital forensic experts, but also includes specialists in network analysis, malware analysis, vulnerability analysis, and kernel and system analysis. AhnLab’s forensic service is different from other incident response services that have experts from only one or two fields.
AhnLab’s forensic service provides a comprehensive analysis and response against security incidents by finding all possible evidence from multiple security perspectives and offers appropriate security countermeasures for the client.


Various Security Incidents Response Know-How

AhnLab is widely recognized for successfully responding to various APTs, to security breaches that occurred in online game companies and broadcasting companies, and also to many large-scale cyber terror attacks, including massive DDoS attacks, which occurred in South Korea. By conducting forensic analysis based on an effective and systematic process along with its many years of experience and know-how, AhnLab presents the most appropriate security countermeasures to protect businesses.

Exclusive Digital Forensic Technology

AhnLab has its own R&D (research and development) team and security incident response technology. Therefore, AhnLab can provide its exclusive unknown-malware detection technology based on our own incident response know-how and digital forensic expertise. We developed our own analysis and recovery technology that does not support general forensic tools to analyze any trace left by the attacker through detection and recovery. AhnLab also promptly and efficiently analyzes multiple systems in a single corporate network through AhnForensic Agent, its own agent, and “Agent-based Forensic Analysis Framework.”

AhnLab’s Malware Analysis Infrastructure

AhnLab has collected vast amounts of malware samples and contents through ASD (AhnLab Smart Defense, a large-scale cloud-based malware analysis system), Packet Analysis Center, SiteGuard web analysis agents, and Secure DNS. The forensic experts at A-FIRST use the big-date based analysis infrastructure to conduct fast and accurate analyses and provide outstanding services.

AhnLab's Malware Analysis Infrastructure