Digital forensics

Digital forensics : turning traces into evidence, without waiting for an investigating judge

Digital forensics :

turning traces into evidence, without waiting for an investigating judge

A workstation to examine before a contentious departure, a phone to analyse after suspected harassment, a compromised server whose attack origin must be understood, surveillance cameras whose recordings appear erased: in all these situations, digital elements hold the key to the case. Provided you know how to extract and use them before they disappear.

Cyber Praxis has provided digital forensic services in private and civil contexts for more than twelve years. Our experts intervene without requiring an investigating judge to be involved, applying a recognised methodology and professional tools — so you can act quickly, in complete confidentiality, on a solid factual basis.

service-visuel-digital-forensics
image cybersécurité

Why choose private expertise rather than a judicial investigation

Many executives believe that a digital investigation can only be conducted within the framework of a judicial inquiry. This is a costly misconception: while one hesitates, traces disappear.

Both Belgian and French law fully recognise the admissibility of digital evidence collected by a private expert, provided the collection is lawful, proportionate and documented. Private expertise offers three decisive advantages.

Speed first

We can intervene within 24 to 48 hours, whereas the appointment of a judicial expert takes several weeks, sometimes several months. And in the digital world, every passing day erases clues.

Confidentiality next

The report belongs to you. It is not added to any case file without your consent, and it is covered by the professional secrecy applicable to exchanges with your lawyer. You decide what is done with it.

Control of scope finally

You tell us what you want clarified and we tailor the investigation to your questions. Should the matter later escalate to litigation, the report remains fully usable provided the chain of custody has been rigorously documented — which is our standard.

Expertise for four client profiles

Businesses and organisations

You are an executive, CISO, DPO, in-house counsel or HR director. An internal situation concerns you: suspected file copying before a departure, accounting fraud, inappropriate behaviour, cyber incident, data breach. Before any major decision — dismissal, complaint, notification to the data protection authority, insurance claim — you need solid factual elements. Cyber Praxis provides them.

Private individuals

You face a personal situation where the digital trace matters: your smartphone behaves strangely, you fear being spied on, you suffer online harassment, your identity is being misused, digital elements appear in a family dispute. Our intervention remains strictly confidential and respects the privacy of third parties.

Law firms

The digital dimension is appearing in your cases — criminal, employment, commercial, family — without the necessary technical expertise always being available in-house. Cyber Praxis works alongside you to produce unilateral expertise, challenge an opposing party’s report, assist you at hearings, or train your teams in the key concepts of digital evidence. Our reports are written in a form directly usable in proceedings.

Insurance companies

A cyber claim to investigate, insurance fraud to substantiate, a suspicious declaration to verify? Digital investigation makes it possible to establish the materiality of the facts, to evaluate the consistency of a declaration, to identify the exact scope of damage, and where appropriate to highlight elements incompatible with the claimant’s version.

All digital media we analyse

iOS and Android smartphones

The mobile phone is today the richest source of information in an investigation. Cyber Praxis uses industry-leading tools — Cellebrite UFED and Premium, GrayKey, Magnet AXIOM, MSAB XRY — to extract data depending on the device model and its lock state. We analyse messaging applications (WhatsApp, Signal, Telegram, SMS), call and location history, photos and EXIF metadata, applications, iCloud and Google backups. We specialise in the detection of spyware and stalkerware, an area for which we have developed a dedicated methodology.

Windows, Mac and Linux computers

On workstations, we perform a forensic image acquisition of the storage, analyse RAM memory, and reconstruct user activity in full: Windows registry, event logs, MFT, LNK and Prefetch files, USB and browser history. We answer precise questions: was this file opened, copied to a USB drive, transferred to a personal cloud? At what time did this employee log in?

Servers, cloud and event logs

Reconstruction of attack timelines, identification of the initial vector, scope of compromise, exfiltration traces. We analyse Windows Event, Sysmon and Linux syslog logs, as well as audit logs from Microsoft 365, Azure AD, Google Workspace and AWS CloudTrail. A methodology particularly suited to incident response, internal fraud and HR investigations.

CCTV cameras and connected objects

Recovery of deleted recordings, authenticity and integrity verification, timestamp validation, restoration of degraded images. We work on NVR and DVR recorders (Hikvision, Dahua, Axis), home automation ecosystems, connected boxes, GPS trackers and alarm systems.

Embedded systems and industrial environments

Cyber Praxis offers rare expertise on industrial PLCs, SCADA equipment, payment terminals and connected medical devices. A skill set called upon for challenges to metrological data, suspected industrial sabotage, or breaches affecting system safety.

A methodology aligned with international standards

Our approach is grounded in the international standards for digital evidence: ISO/IEC 27037 for collection, ISO/IEC 27042 for analysis, and the NIST SP 800-86 publication for overall investigation conduct.

Each mission follows five documented steps: identification and legal framing of the case, preservation under write blocker with digital seals, forensic acquisition with SHA-256 cryptographic hashes, analysis exclusively on a working copy, and delivery in the form of a structured and illustrated report.

The report rigorously distinguishes between established facts, formulated hypotheses and the limits of the investigation. It is drafted to be read both by your counsel and by a magistrate should the matter escalate to litigation.

The legal framework of our intervention

Evidence obtained unlawfully becomes a risk for whoever relies on it. From the outset we integrate the obligations arising from the General Data Protection Regulation (GDPR), employment law, the confidentiality of correspondence and, in Belgium, the Act of 18 May 2024 on the profession of private detective.

Cyber Praxis operates within the legal framework of technical IT expertise, legally distinct from the private detective profession. When a mission requires physical surveillance or personality investigations, we refer you to a licensed detective. This clear boundary protects the admissibility of our work.

Why Cyber Praxis

More than twelve years

of experience in cybersecurity and IT expertise. Our firm is certified ISO/IEC 27001:2022, and our teams include technical experts, lawyers and multidisciplinary consultants.

Full independence

Cyber Praxis does not resell hardware, software or managed security services. Our sole activity is advisory, audit and investigation — which guarantees the objectivity of our conclusions, including when they do not point in the hoped-for direction.

Presence in Belgium and France

Office based in Lasne, Walloon Brabant, with interventions throughout Belgium and in mainland France.

Don't wait any longer

Contact our experts

A free and confidential initial telephone consultation to qualify your situation, identify media to be preserved urgently and estimate the cost of an intervention. Technical on-call service available for critical incidents.