CSI Cyber Security Awards 2025 — Women in Cyber + Outstanding Training
Macksofy Technologies
24×7 IR hotline · 30-min bridge SLA

When the worst happens, every minute matters.

Macksofy's DFIR team responds to ransomware, business email compromise, insider threats and APT intrusions across India and the GCC. Court-admissible chain of custody, structured Velociraptor + KAPE collection, expert reporting for regulators, insurers and law enforcement.

Call IR hotlineDiscuss retainer
30 min
bridge for retainer clients
2 h
bridge for new clients
24 h
team on-ground (India + UAE)
6 h
CERT-In incident format
Incident timeline

T+0 → T+7d. Every minute documented.

Anonymised composite from the typical Macksofy ransomware engagement — what happens at each clock-tick from the moment your CISO hits the hotline.

  • Contain incidents in hours, not weeks
  • Preserve evidence for legal / regulatory action
  • Satisfy CERT-In incident reporting requirements (6-hour rule)
  • Reduce insurance claim disputes via proper documentation

  1. Triage call

    T+0

    30-min bridge · scope · isolate · engagement letter

  2. Evidence collection

    T+2h

    Velociraptor agents · KAPE offline · cloud log preservation

  3. Live analysis

    T+8h

    Volatility 3 memory · Plaso timeline · IOC extraction

  4. Containment

    T+24h

    Attacker eviction · persistence removal · cred reset

  5. CERT-In report

    T+72h

    6-hour-rule compliant · insurance · legal-ready

  6. Recovery + lessons

    T+7d

    Hardening plan · detection upgrades · tabletop replay

Chain of custody

Evidence that survives court.

Every forensic artifact gets a SHA-256, a custodian signature and an encrypted storage chain — accepted by Indian courts, RBI investigations, CERT-In and cyber-insurance arbitrators.

Stage 01
Acquisition

FTK Imager · write-blocker · SHA-256 captured

Stage 02
Live capture

Volatility 3 memory · network state · open handles

Stage 03
Sealed evidence

Encrypted storage · access log · custodian signed

Stage 04
Examination

Air-gapped lab · Autopsy · Plaso timeline

Stage 05
Court-admissible

Chain log · expert testimony · CERT-In format

court-admissible since 2014· accepted by RBI · CERT-In · India courts
Engagement snapshot

Ransomware · BEC · insider threat.

Mid-size manufacturer (Maharashtra)

Ransomware (LockBit variant)

Root cause · Initial access via exposed RDP + leaked creds; lateral movement via PsExec

Containment in 11h; 80% of systems restored from backups within 72h

Risk severity · Critical
LMHC
Forensic toolchain

Volatility · Plaso. Real DFIR tools.

Tools we operate
VelociraptorKAPEVolatility 3Plaso / log2timelineAutopsyFTK ImagerX-Ways ForensicsSANS SIFT WorkstationREMnux (malware)MISP (IOC enrichment)
What clients say · Trusted India + UAE

Rated 4.9 ★ from 612 client reviews.

Google
4.9 · 612 reviews
Trustpilot
4.8 · 412 reviews
LinkedIn
20K+ · followers
CERT-In Empanelled
Govt of India · MeitY
EC-Council ATC
Authorized Training
ISO 27001 Certified
Info Security Mgmt
We've worked with three Big 4 firms before Macksofy. None found what their team did in our payments stack. The most actionable report we've received in a decade.
AK
Aisha Khan
Information Security Manager · Listed Fintech · BKC, Mumbai
The CHFI training Macksofy delivered for our cyber cell raised investigation quality measurably. Practical, India-context-aware, and respectful of our operational realities.
IK
Inspector K. Joshi
Cyber Cell · Maharashtra Police · Mumbai
Came in with zero security background. 5 weeks later I was running Burp Suite and Metasploit confidently. Cleared CEH on the first attempt.
VI
Vivek Iyer
DevSecOps Lead · Healthcare SaaS · Hyderabad
Read all 612 reviews on Google →
FAQ

When the call comes in.

Initial bridge call within 30 minutes for retainer clients, within 2 hours for new clients. Forensic team on-ground within 24 hours anywhere in India / UAE.
Talk to us

Get a fixed-price proposal in 48 hours.

Tell us about your security need — pentest, audit, training or a wider engagement. A senior consultant will reply within a few business hours.

CERT-In Empanelled
Information Security Auditor · India
  • CERT-In Empanelled
  • EC-Council ATC · CompTIA Authorized
  • 20,000+ professionals trained
  • India + UAE engagements
Human verification· Cloudflare Turnstile

By submitting this form you agree to be contacted by Macksofy. We typically respond within a few business hours and never share your details. Protected by Cloudflare Turnstile and rate limiting.