Have you detected abnormal behavior on your systems, network or application usage? If so, your organization may be the victim of a cyberattack.
Incident Response, secured by Orange Cyberdefense, helps you to assess the situation, and if necessary to contain the attack, evict the attacker and restore your operations. Our experts intervene quickly at your request and deeply analyze your environment to determine the perimeter controlled by the attacker, the impact of the attack and how to fix it.
Incident Response intervention
Assessment
A proven approach based on NIST and other best practices
- Benefit from our approach based on the determination of a restricted perimeter impacted by the incident and then by the gradual extension of the perimeter until full knowledge of the incident is obtained
Remediation
Support in the implementation of the remediation strategy
- Containment of the incident to prevent its expansion
- Eviction of the attacker
- IS monitoring to validate the measures taken and to detect a possible return of the attacker
- IS hardening and clean-up to prevent a new similar attack
Final investigation report
Understand what happened to continuously improve your security, including:
- Sequence of events that led to the incident
- Vulnerabilities involved
- Compromised accounts
- Damage analysis
- Collected traces to be used as evidence in case of legal proceedings
SLAs
Choose from a range of SLAs that guarantee prompt intervention according to your business needs.
Digital forensics option
Following an incident, we can also support you with:
- Post-mortem investigation
- Deep dive into malware activities
- E-discovery and evidence preservation services to support legal action
- Threat search on latent intrusions, disrupting current threats and enhancing security measures against future ones