DFIR – Digital Forensic Investigation is a NourNet cybersecurity services offering that provides digital forensic investigation service for evidence collection, log/artifact analysis, root-cause analysis, and forensic reporting. The service is delivered using the commercial model “Reserved Capacity” and measured by “Hour”. It can be combined with relevant NourNet cloud, connectivity, cybersecurity, data-center, managed and professional services to form an end-to-end solution. Final sizing, architecture, price, service levels and responsibilities are confirmed through the approved quotation and service schedule.
DFIR – Digital Forensic Investigation
Contact Sales
Digital forensic investigation service for evidence collection, log/artifact analysis, root-cause analysis, and forensic reporting.
Service Information
- Unit
- Hour
- Billing Model
- Reserved Capacity
- Minimum Contract
- 12 months
- SLA
- 24x7 service desk with severity-based response and escalation targets defined in the service schedule
- Activation Time
- Scheduled based on agreed scope and resource availability
- Region
- Saudi Arabia
- Data Residency
- Saudi Arabia
Key Features
- Security controls delivered and operated by experienced cybersecurity specialists
- Integration with customer infrastructure, cloud and security platforms
- Policy, monitoring, incident and reporting capabilities aligned to the service scope
- Designed to support Saudi regulatory and organizational security requirements
- Forensic evidence collection and analysis
- Documented investigation and incident-response support
- Description
- Service Details
- Additional information
- Service Scope
- Prerequisites
- Exclusions
- Compliance
Service Details
DFIR - Digital Forensic Investigation is a NourNet cybersecurity services offering that provides digital forensic investigation service for evidence collection, log/artifact analysis, root-cause analysis, and forensic reporting. The service is delivered using the commercial model “Reserved Capacity” and measured by “Hour”. It can be combined with relevant NourNet cloud, connectivity, cybersecurity, data-center, managed and professional services to form an end-to-end solution. Final sizing, architecture, price, service levels and responsibilities are confirmed through the approved quotation and service schedule.
| Unit | Hour |
|---|---|
| Billing Model | Reserved Capacity |
| Source Category | CyberSecurity Services |
| Region | Saudi Arabia |
| Data Residency | Saudi Arabia |
Service Scope
- Technical assessment and onboarding
- Configuration of the contracted security controls or platform
- Monitoring, administration and reporting activities defined in the service schedule
- Incident escalation and vendor coordination where applicable
Prerequisites
- Approved purchase order and final technical/commercial scope
- Authorized customer contacts and timely access to required information
- Completion of security, connectivity and access prerequisites
- Customer approval of the service design and responsibility matrix where applicable
- Asset, user, log-source or data-source inventory as applicable
- Approved security policies, escalation matrix and integration access
Exclusions
- Items not explicitly listed in the contracted scope
- Third-party licenses, subscriptions or hardware unless specifically quoted
- Customer application changes, remediation or data cleansing unless included
- On-site activities, after-hours work or travel unless explicitly included
- Business-owner remediation and application code fixes unless included
- Legal representation or regulatory certification decisions
Compliance
- Designed to support alignment with applicable NCA controls and customer security requirements
- Saudi PDPL and data-residency requirements considered according to the final solution design
