Incident Response


Move beyond traditional network traffic tools to mobile, virtual and cloud monitoring and investigations for incident response.


> One-click endpoint isolation for immediate threat containment



Responders can instantly contain active intrusions remotely by isolating one or multiple endpoints from communicating with the network. Because an isolated endpoint still maintains an active connection with the server, IR teams can perform more conclusive and surgical investigations on or off the network.

> Understand root cause

> Recorded history and visualisation of the entire attack kill chain

> Empowers security operations and personnel to learn from investigations to improve future processes, procedures and security


A variety of techniques, including log analysis, network and systems forensics, advanced malware analysis, and security intelligence, are used to determine the root cause, timeline, and extent of the incident.




Key Benefits

  • Plan and prepare for the impact of an incident
  • Address threats, vulnerabilities, virus outbreaks, and incidents 
  • Reduce the time between discovery and remediation 
  • Deliver timely and measured response with minimal business disruption
  • Support executives with guidance on both internal and external response
  • Execute remediation plans to prevent recurrence (remove existing threats and prevent future ones)
  • Where required, our consultants can work under legal privilege on behalf of your legal counsel.


Incident Response Planning Service

  • The service reduces the time between detection and resolution.
  • We work with you, the customer, to develop a proactive response program that improves incident response times, lowers response costs, and improves overall response effectiveness.
  • Implement a continuous improvement process that uses lessons learned from past incidents to improve your security effectiveness.



Pre-Negotiated Contract Terms

 

Avoid contract negotiation in the middle of an incident.

Every incident has unique vectors and attack methodologies.

The way in which your company needs to proceed may be governed by compliance regulations and laws. Become more proactive in your response program.



PCI Forensic Investigations
 

A certified PCI Forensic Investigator with more than seven years of experience investigating security breaches at physical locations, e-commerce sites, payment processors and payment gateways.


Incident Readiness Assessment  
We assess your existing ability to respond to security incidents and provide recommendations to shrink the time between incident detection and resolution, and ultimately reduce the probability and severity of future incidents.


Incident Response Training  
The average time a business took to detect a breach was over 70-80 days. The longer an intrusion goes unidentified, the more time its instigators have to wreak havoc. With the same training provided to law enforcement organisations around the world, you can build your own expert response team to recognise ‘indicators of compromise’ (IOCs) before the damage is done.

We provide tailored incident response training to assist you in the initial identification and containment of security incidents. Training topics may include security awareness, current security trends, data handling, volatile data collection, or other relevant areas.





Cloud Based Incident Response Service

Managed Services  

The Incident Response Managed Service provides remote and on-site investigation to help organisations mitigate the impact of incidents and quickly restore business as usual.

The service offers complete technical analysis capability, including host-based analysis, network investigation and malware reverse engineering.