BinaryResponse Logo

BinaryResponse is the incident and breach response wing of BinaryLab.

The core disciplines within the group are sensor deployment, artifact collection and evidence preservation, digital forensics, and, if needed, network remediation to steady state operations.

Sensor Deployment

BinaryResponse is a tool-agnostic, digital forensics and incident response (DFIR) firm. Our engineers deploy sensory commercial tools (COTS) on a target environment and catalogue networks to provide visibility and assist with real-time incident handling capabilities. BinaryResponse tools allow clients to instantaneously contain, remediate, and isolate the rest of their enterprise from threats to allow for analysis and operations to continue.

Digital Forensics

Digital forensics examines system data, user activity, and other digital evidence to analyze abnormal behavior, create timeline, root-cause, and vector analyses. It also determines if data has been accessed and/or removed from the environment by the threat actor.

The proactive prism in which forensics are conducted takes the mindset of an attacker and in mitigating the threat, our engineers will enumerate and provide solutions to reduce the threat surface on the target environment.

Mobile Forensics

Mobile forensics aims to recover evidence from a mobile device — a phone or tablet — in a secure manner. BinaryResponse’s heightened security process of obtaining, transporting, and analyzing data in a secure and unaltered method ensures integrity and confidentiality to the results of a forensic investigation.


Remediation operations are conducted in conjunction with forensic analysis and incident handling to restore a client to a steady state of operations. BinaryResponse engineers custom build remediation plans in accordance with the client’s operational needs, including network down time and risk profiles.

Prior to conducting remediation operations, BinaryResponse performs the following:

  • Objective network enumeration resulting in asset inventory and network diagram.
  • Vetting of back-ups for confidentiality, integrity, and availability.
  • Personal conversations with stakeholders to create a tailored plan that meets client expectations for network down time and risk assumed.