With Incident Response, contain and remediate cyber-attacks

Share

Have you detected abnormal behavior on your systems, network or application usage? Your organization may be the victim of a cyber-attack. Incident Response helps you to assess the situation, and if necessary to contain the attack, evict the attacker and restore your operations. Our experts intervene quickly at your request, analyze in depth your environment to determine the perimeter controlled by the attacker, the impact of the attack and how to fix it.

Incident Response Orange Cyberdefense diagram

Incident Response intervention

Assessment

A proven approach based on NIST and other best practices

Benefit from our approach based on the determination of a restricted perimeter impacted by the incident, then by the gradual extension of the perimeter until the full knowledge of the incident is reached.

Remediation

Support in the implementation of the remediation strategy

▪ Containment of the incident to prevent its expansion
▪ Eviction of the attacker
▪ IS monitoring to validate the measures taken and to detect a possible return of the attacker
▪ IS hardening and clean-up to prevent a new similar attack

Final investigation report

Understand what happened to continuously improve your security, including: ▪ sequence of events that led to the incident ▪ vulnerabilities involved ▪ compromised accounts ▪ damage analysis ▪ collected traces to be used as evidence in case of legal proceedings

SLA

Choose from a range of SLAs that guarantee prompt intervention according to your business needs.

Digital Forensics option

Following an incident, we can also support you with: ▪ post-mortem investigation ▪ deep dive in a malware's working ▪ e-discovery and evidence preservation services to support legal action ▪ threat hunting on latent intrusions, disrupting current threats and enhancing security measures against future ones