Forensic acquisition of evidence on the Internet

Web Forensics is a proprietary SaaS (Software as a Service) solution for acquiring web pages to be produced as evidence in court cases, complying with international best practices in computer forensics, namely the ISO/IEC 27037:2012 standard.

Discover Web Forensics

Features

Web Forensics makes it possible to acquire with legal value the status of one or more web pages of interest so that the content of those web pages can be proven in court at a precise instant.

The solution provides a secure forensic environment consisting of a web browser, several log consoles, and an application that "packages" the digital evidence and stores it in the cloud. An identical browsing experience to that conducted normally will be carried out, with the difference that this browsing, along with the technical documentation produced, is to be considered compliant with the main international standards of computer forensics.

Workflow Web Forensics

As a result it produces a self-consistent evidentiary package, called a forensic evidence package. A technical report containing timely information about the acquisition methodology and additional technical details to support the verifiability of the overall process must be attached to the digital evidence.

Forensics evidence package

The forensic evidence package contains the audio/video recording of the entire browsing process, the screenshots and downloads made, the network traffic generated, the SSL/TLS (Secure Sockets Layer/Transport Layer Security) keys, the image of the virtual machine used, some log files to support the verifiability of the overall process, and a summary XML file containing the fingerprints of all the previous files.

Technical report

The technical report is a document that contains all the information about the process put in place to acquire digital evidence. This document meets the process verifiability criteria required by the ISO/IEC 27037:2012 standard and is producible in court along with the forensic evidence package. The forensic evidence package and the technical report make up the digital evidence.

What types of content can you acquire?

Posts

Articles

Photos

Videos

Chats

Emails

Files

Posts

Articles

Photos

Videos

Chats

Emails

Files

For which instances may forensic acquisition of web pages be necessary?

People

  • Bullying
  • Defamation
  • Right to be forgotten
  • Identity theft
  • Hate speech
  • Marital infidelity
  • Revenge porn
  • Sexting
  • Stalking

Companies

  • Counterfeiting
  • Reputational crisis
  • Defamation
  • Theft of trade secrets
  • Employee disloyalty
  • Patent infringement
  • Copyright infringement
  • Trademark infringement
  • Infringement of utility models

What are the main platforms supported by web forensics?

Amazon

eBay

Facebook

Gmail

Instagram

Messenger

TikTok

Twitch

Twitter

WhatsApp Web

Yahoo Mail

YouTube

Clients

Arma dei Carabinieri
Bending Spoons
Chiara Ferragni
Giuffrè Francis Lefebvre
il sole 24 ore
itas
Leonardo
Mediaset
Medusa
SIAE
Sky
Wolters Kluwer

Prices

Forensic acquisition
carried out by the user

Starting from

75 €

+ VAT / forensic acquisition

Buy

Forensic acquisition
managed by an expert witness

Starting from

250 €

+ VAT / forensic acquisition

Calculate your quote

Are you interested in performing a free, automated forensic acquisition of a web page? With Web Forensics Instant, you will receive digital evidence that complies with the ISO/IEC 27037:2012 standard via email and within minutes.

Discover web forensics instant

La prova digitale (Digital evidence)

Purchase the volume "La Prova Digitale (Digital Evidence)," published by Giuffrè Francis Lefebvre and edited by the founding partners of Kopjra. Among many topics, it also addresses the ISO/IEC 27037:2012 standard and the forensic acquisition of web pages.

Purchase the volume

Insights

The main legislative reference is Law No. 48 of March 18, 2008, ratificating the Budapest Cybercrime Convention, by which it was stipulated that activities involving the acquisition of digital evidence must be arranged through suitable methodologies and techniques to ensure authenticity, integrity and non-repudiation, so as to guarantee the evidentiary value of the data and facts proved.

In addition to the above regulatory provision, as of Oct. 15, 2012, the International Organization for Standardization (ISO) launched the first edition of ISO/IEC 27037:2012 standard "Guidelines for identification, collection, acquisition and preservation of digital evidence," which defines guidelines for the identification, collection, acquisition and preservation of digital evidence. This international computer forensics standard is the first compendium of methodological and technical rules to be followed in forensic practice regardless of the legal context.

According to the ISO/IEC 27037:2012 standard, it is necessary to produce in court a forensic evidence package containing evidence that the content viewed while browsing was online at a certain date and time, guaranteeing the provenance of that content and its integrity. A qualified timestamp and an automatic digital signature are affixed to the summary XML file, which contains the fingerprints of all files included in the forensic evidence package, so as to ensure certain date and integrity of the digital evidence.