Have you detected abnormal behavior on your systems, network or application usage? Your organization may be the victim of a cyber-attack. Incident Response helps you to assess the situation, and if necessary to contain the attack, evict the attacker and restore your operations. Our experts intervene quickly at your request, analyze in depth your environment to determine the perimeter controlled by the attacker, the impact of the attack and how to fix it.
Incident Response intervention
Assessment
A proven approach based on NIST and other best practices
Benefit from our approach based on the determination of a restricted perimeter impacted by the incident, then by the gradual extension of the perimeter until the full knowledge of the incident is reached.
Remediation
Support in the implementation of the remediation strategy
▪ Containment of the incident to prevent its expansion
▪ Eviction of the attacker
▪ IS monitoring to validate the measures taken and to detect a possible return of the attacker
▪ IS hardening and clean-up to prevent a new similar attack
Final investigation report
Understand what happened to continuously improve your security, including: ▪ sequence of events that led to the incident ▪ vulnerabilities involved ▪ compromised accounts ▪ damage analysis ▪ collected traces to be used as evidence in case of legal proceedings
SLA
Choose from a range of SLAs that guarantee prompt intervention according to your business needs.
Digital Forensics option
Following an incident, we can also support you with: ▪ post-mortem investigation ▪ deep dive in a malware's working ▪ e-discovery and evidence preservation services to support legal action ▪ threat hunting on latent intrusions, disrupting current threats and enhancing security measures against future ones