Incident Response Services

Our response teams are certified in the latest methods and follow the models developed by the SANS Institute.

Our engineering staff is highly trained and prepared to deal with security incidents ranging from a simple malware infection to advanced persistent threats. Once engaged, our people will gather all the resources they need and will remain involved until the situation is resolved.
Our response teams are certified in the latest methods and follow the models developed by the SANS Institute.

Contact the Incident Response Team:

If you believe your internal network or a computing device may be compromised, we recommend the use of a cell phone or hardline rather than VoIP or your involved email system.

Email the Incident Response Team

There are six steps to handling any incident most effectively:

Preparation

Users and IT staff are educated on the importance of updated security measures and proper software patching.

Identification

The response team is activated to determine if a particular event is, in fact, a security incident. The response team may contact other technical or legal resources as needed in consultation with the client.

Containment

The response team determines how far the problem has spread and contains the problem by isolating affected systems and devices to prevent further damage.

Eradication

The team investigates to discover the origin of the incident. The root cause of the problem and all traces of malicious code are removed.

Recovery

Data and software are restored from clean backup files as necessary. Further assessment is performed ensuring that no vulnerabilities remain. Systems are monitored for any sign of weakness or recurrence.

Lessons learned

The team and client analyze the incident and how it was handled, making recommendations for better future response and for preventing a recurrence.