Forensics & Examinations

Computer forensics is the application of an established, repeatable methodology by specially trained information technology professionals who collect, preserve, and examine electronic media and other data in order to establish a historical record of activities contained within that evidence.  Our examiners are experts in reviewing electronic evidence and answering the questions that aid investigations. From network and host-based examinations in support of intrusions or malware analysis, or enterprise searching in support of e-Discovery requests, Iron Vine has the expertise and experience to answer your hardest questions.

Our experts manage and implement specialized tools to perform electronic forensics investigations. We leverage a proven forensics process to build and operate forensics capabilities and labs for federal agencies and other customers. Our certified examiners are experienced in the technologies and tools required to successfully collect and analyze electronic evidence in cases supporting policy violations, e-discovery, counter-intelligence, and fraud. We’ve successfully supported multiple departments within federal agencies, including: Office of General Counsel, Human Resources, Offices of Inspector General for Investigations (OIG/I), and Offices of Security.

What We Offer

Network and

We can use either your tools, logs, and systems or bring our own. When bad things happen, you need answers. Those answers come from the analysis of network and host activity, through the analysis of metadata and logs to network packet captures and system images. Our forensic analysis process begins with a discovery process and ends with a presentation of findings. All of our forensic analysts are professionally trained, reducing the risk of improper evidence handling and erroneous conclusions.


We deliver comprehensive intrusion detection and analysis programs.  We leverage custom network sensors and advanced endpoint solutions to maximize visibility and produce the most accurate picture of network and system activity. The results of the analysis are shared with the team to fix any underlying vulnerabilities, ensure continual policy updates, procedure updates, and process improvements.


We leverage our experience with forensic examinations and apply the same discipline and rigor to our enterprise searches in support of electronic discovery requests. Since 2006, when the Federal Rules of Civil Procedure were updated, we have provided our clients with e-discovery support services to help them respond to outside counsel or external department or agency e-discovery requests.