SERVICE – Incident Response
Incident Response is an organized approach to addressing…
In case of a security breach or attack, our Incident Response service offers an organized approach to disaster management.
From containing the problem to recovering valuable data, our recommendations will ensure a preventative approach to your company's digital security in the future. All our consultants are certified and through continuous training we keep up-to-date on the ever-changing Digital Forensic landscape.
WE FOLLOW THE SANS INSTITUTE'S SIX-STEP GUIDE TO HANDLE AN INCIDENT:
PREPARATION – We educate users and IT staff of the importance of updated security measures and trains them to respond to computer and network security incidents quickly and correctly.
IDENTIFICATION – The response team is activated to decide whether a particular event is, in fact, a security incident.
CONTAINMENT – The team determines how far the problem has spread and contains the problem by disconnecting all affected systems and devices to prevent further damage.
ERADICATION – The team investigates to discover the origin of the incident. The root cause of the problem and all traces of malicious code are removed.
RECOVERY – Data and software are restored from clean backup files, ensuring that no vulnerabilities remain.
LESSONS LEARNED – Our team analyzes the incident and how it was handled, making recommendations for better future response and for preventing a recurrence.