Incident Response: contain and remediate cyberattacks

Have you detected abnormal behavior on your systems, network or application usage? If so, your organization may be the victim of a cyberattack.
Incident Response, secured by Orange Cyberdefense, helps you to assess the situation, and if necessary to contain the attack, evict the attacker and restore your operations. Our experts intervene quickly at your request and deeply analyze your environment to determine the perimeter controlled by the attacker, the impact of the attack and how to fix it.

Incident Response

Incident Response intervention


A proven approach based on NIST and other best practices

  • Benefit from our approach based on the determination of a restricted perimeter impacted by the incident and then by the gradual extension of the perimeter until full knowledge of the incident is obtained

Support in the implementation of the remediation strategy

  • Containment of the incident to prevent its expansion
  • Eviction of the attacker
  • IS monitoring to validate the measures taken and to detect a possible return of the attacker
  • IS hardening and clean-up to prevent a new similar attack


Final investigation report

Understand what happened to continuously improve your security, including:

  • Sequence of events that led to the incident
  • Vulnerabilities involved
  • Compromised accounts
  • Damage analysis
  • Collected traces to be used as evidence in case of legal proceedings


Choose from a range of SLAs that guarantee prompt intervention according to your business needs.

Digital forensics option

Following an incident, we can also support you with:

  • Post-mortem investigation
  • Deep dive into malware activities
  • E-discovery and evidence preservation services to support legal action
  • Threat search on latent intrusions, disrupting current threats and enhancing security measures against future ones