AEGIS Forensic Service is a complete service to help investigators analyse cyber security events and understand their cause.

Advanced Visualisation Toolkit

Interconnected and easy to use interface that allows seamless exploration and drilling down in underlying data.

Real Time Log analysis

Easy connection to a number of logs found in your system and visualisation of the key points.

Threat Hunting

Detect threats and proactively isolate them and prevent incidents in your network.

Correlation Mechanism

Identify patterns and relationships between events and actions taking place in your infrastructure.


Use our set of agents to actively monitor critical assets and analyse current system status.


The forensics toolkit comes with connectors to existing SIEM and HIDS/NIDS software.


Read about the major steps required to have a working real-time forensic toolkit deployed.

1. Network Topology

Identification of current infrastructure and configuration of the tools accordingly.

2. Identification of CIPIs

Critical Infrastructure Performance Indicators (CIPIs) must be identified and monitored.

3. Deployment of Forencic Agents

CIPIs are collected by relevant agents installed on the monitored systems

Aegis Forensic Service Steps
4. Deployment & Configuration of the Visualisation Toolkit

Required middleware and communication configuration.

5. Connection with existing systems

SIEM and HIDS/NIDS software can provide input to the forensic toolkit.

6. Visualisation installation and testing

The Visualisation application can be installed locally or in the cloud.