Skip to main content Skip to search

Digital Forensics

Digital evidence

The methodology used for securing and processing digital information must meet a number of conditions in order to make it admissible as legal and reliable evidence in court cases. For example, the integrity of the digital evidence must be preserved and the evidence be fully reproducible.

The report is the final product of the study and contains a clear management summary and substantiated conclusion. Naturally, our specialists’ technical findings are also part of this report.

Minimise the risks

Following an incident, it is important to establish exactly what happened and what caused it, for a number of reasons. If an incident has to do with personal data, investigation is compulsory under European privacy law. The main rules for the handling of personal data in the Netherlands are laid down in the General Data Protection Regulation (GDPR).

In the event of an incident, important questions include:

  • What is the cause of this incident?
  • How long has this been going on?
  • What systems and what data are involved?
  • Is intent or negligence involved?

The importance of digital investigation

In a highly digitised society, the analysis of digital data is undeniably important. In addition to their physical lives most people lead digital lives too. Collecting and analysing traces of both identities enables the creation of a complete picture of someone’s activities. Digital data provides insight into someone’s location, the means of communication they used, and the seriousness of an incident. When obtained correctly, digital evidence is often decisive in many legal disputes.


Our specialists use modern forensic hardware and software, which guarantees the integrity of the evidence. The following is a small selection of the many types of digital forensic services that PSG provides:

  • Computer breach (hacking)
  • Preservation order
  • Corporate espionage
  • Stalking, including cyberstalking
  • Data recovery
  • Corporate fraud
  • Data breaches
  • Phishing
  • Et cetera

Depending on the type of investigation, various forensic techniques are used to collect relevant digital evidence. The following is a non-exhaustive list of the techniques we use:

  • Data recovery (recovery of deleted files, if these have not been overwritten);
  • Internet history
  • Search terms used
  • Chat history
  • Opened files and directories visited
  • E-mail traffic
  • Cloud environments
  • Usernames, passwords, and tokens
  • Encrypted files
  • Presence of child pornography
  • Working memory analysis (RAM)
  • Processes/services
  • Ports
  • Malicious software (malware)
  • Timeline analysis aimed at identifying, for example:
  • Improper access
  • Tools, techniques & procedures (TTPs) used
  • Determination of data exfiltration (size and impact)
  • Connected peripherals (phones and USB devices)
  • And many more!

PSG’s forensic investigators have years of experience in fields such as defence, police, Interpol and special investigation services. They all hold a private investigation licence granted by the Ministry of Justice and Security. They have also obtained internationally recognised certifications such as:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Computer Examiner (CCE)
  • Encase Certified Examiner (EnCE)
  • Certified Fraud Examiner (CFE)
  • Certified Ethical Hacker (CEH)

Forensic experts from PSG Recherche prove their added value in every investigation. In addition to holding globally recognised certifications, they have years of experience with the National Investigation Service, Interpol and leading private sector security organisations.

Our experts are real specialists who keep their knowledge up-to-date through ongoing education and training. This enables them to consistently contribute to the high quality of the services provided by PSG Recherche.