Incident Response Containment

Helping clients resolve problems, quickly and effectively

When an incident occurs, we understand the sensitivity of the situation and our incident response team is available 24/7/365 to help you navigate this process. We will quickly scope the intrusion by extracting actionable internal and external intelligence. We will contain and eradicate the threats, recover your business, and assess the attack to minimize future exposure.

Services include:

  • Containment and eradication of incident
  • Executive Board Report
  • Investigative overview of incident with actionable remedies on what to do next
  • Strategic analysis and recommendations on your security footprint
  • Professional services to help you avoid future incidents

Contact us today to speak with a security expert!

Don't Wait! Incident Response Planning

Proactive, Not Reactive!

Don’t wait for an incident to happen to put together your plan. We highly recommend having a plan in place that serves as a roadmap of best practices for your organization, so that you handle the situation instead of the situation handling you.

Our experts are here to help your organization develop a plan that limits damage and reduces recovery time and costs. We will develop a comprehensive policy that defines, in specific terms, what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs to limit your exposure and quickly remediate a situation.

Everyone in the organization, from top to bottom, needs to be involved in your incident response planning. What you do immediately after an incident, and how you do it, will define how quickly you can recover!

Elements for Building an Incident Response Plan

Watch on-demand video on how to start building a plan today!

Blue Team Handbook

Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.

The Blue Team Handbook is a “zero fluff” reference guide for cyber security incident responders, security engineers, and InfoSec pros alike. The BTHb includes essential information in a condensed handbook format. Main topics include the incident response process, how attackers work, common tools for incident response, a methodology for network analysis, common indicators of compromise, Windows and Linux analysis processes, tcpdump usage examples, Snort IDS usage, packet headers, and numerous other quick reference topics.

The book is designed specifically to share “real life experience”, so it is peppered with practical techniques from the author’s extensive career in handling incidents. Whether you are writing up your case notes, analyzing potentially suspicious traffic, or called in to look over a misbehaving server – this book should help you handle the case and teach you some new techniques along the way.

Get a copy today from our Director of Security Services, Don Murdoch, whose principles are outlined in the Blue Team Handbook on incident response. Every cyber-security client receives a copy of his latest version to help their team stay ahead of incidents.