Nowadays every company, regardless in what sector you are face a cyber attack. What counts after being hit is quickly gaining back control on your business. What happened? What needs to be done go control the situation? What measures are needed to prevent this from happing again? Responders.NU has years of experience in investigation cyber attacks and the needed support to recover critical business processes and answer all related questions.
What we do
Responsders.NU will collect various available sources to gain insights into what happened and the scope of the attack. During the incident Responders.NU will provide dedicated support in mitigating the incident and recovery of your business. At the end of the incident you will receive a clear report with answers related to what happened, how it happened and advice.
- Incident case management to guide the incident.
- Investigate root-cause and impact. Who is patient zero? How did this happen and what data was stolen?
- Support to contain the incident, recovery and eradicating the attackers from your network.
How it works
Based on industry standards, Responders.NU will support with the incident from beginning to end. First the scope is determined to make the right decisions, we assemble a team and determine which source are needed during the investigation. Based on the investigation and analysis a plan will be made to contain and recover from the incident.
Wat is de werkwijze bij Incident Response?
- Intake: during the intake we assess the initial scope of the attack and define the requirements on what information to collect and which team members should take part in the incident. In this stage the budget will be estimated.
- Triage / detect & analyze: during triage the actual scope of the incident will be determined. Forensic information will be collected to analyze and validate the scope and investigate the incident. Based on the triage and analysis results, a plan of action is made to contain and recover from the incident.
- Containment: in this phase the focus is set to contain the incident. This requires decisions to be made on business impact and continuity.
- Eradicate/Recovery: this process involves eradicating the attackers and restoring affected accounts, devices and/or systems and verifying security so that normal operations can resume.
- Post-incident activities: when the incident is resolved, a forensic investigation report is issued. The report proposes solutions to prevent a similar event in the future.
When do you use Incident Response?
Incident response is best used to minimize the impact of the cyber incindent and allow the continuity of your business.
Who uses Incident Response?
Responders.NU is 24/7 available for every type of company wheater you are a small-medium business or a large enterprise.
Incident Response team
The incident response team exists of highly trained and qualified professionals. Depending on the size and impact of the incident, the team can be scaled up or down to suit the needs and requirements.
Wij bieden Incident Response retainers aan waarmee afspraken van te voren zijn vastgelegd, verwachtingen duidelijk zijn en in het geval van nood direct een vertrouwde partij kan worden ingeschakeld. Download het datasheet en bekijk onze dienstverlening.
Time is one of the most important factors during incident that influences the impact and containment. We have Rapid Response tools and technology available to quickly gather and collect evidence for rapid insights.
Without trust it is hard to get things done. Especially fort hat reason we work
with frameworks that can offer the highest level of discretion and trust.
We believe it is important to offer the highest possible quality. We therefore require all our specialists to be SANS trained and GIAC certified, the holy grail.