Incident 
 Response 

The purpose of Defendable’s Incident Response Team (IRT) is to help build your incident response capabilities and to respond to cyber security incidents.

Defendable has a dedicated team that consists of senior resources who have extensive experience in handling cyber security incidents of varying degrees of criticality and complexity. The IR team has expertise in crisis management, evidence collection, digital forensics, and threat intelligence. Incident response requires in depth knowledge of attacks, threat actors, and how to contain and recover from different type of cyber security incidents.

If you are exposed to a cyber security incident, Defendable can help you organize and coordinate incident handling in the following ways:

•  Organization and coordination of response
•  Assessment of the extent of compromise
•  Measures to contain or limit the attack and minimize the consequences
•  Facilitate rapid restoration to normal operations
•  Investigate and identify the root cause(s) of the incident
•  Evaluate and facilitate learning and improvement
•  Document findings and recommendations in an incident report.

In order to deny or confirm the compromise of endpoints and servers in minor digital security incidents, Defendable can help secure evidence and conduct digital forensics to find signs of malicious activity. Defendable can also assist with malware analysis or perform digital forensics on compromised endpoints and servers to map malicious activity. After completion of the analysis, Defendable will produce a report that includes a description of what happened, analytical findings, as well as recommendations for counter measures.

If assistance is needed for incident management, Defendable can assist both remotely or on-site as appropriate and/or desired. By entering into a response agreement with Defendable, you are guaranteed response time (SLA) and priority should you be exposed to a cyber security incident.

Whether you need help with proactive services like threat assessment, incident response readiness, playbook development or analyst for hire or reactive services like crisis management, forensics, or technical assistance during an incident, we have the experience and expertise to help your organization.

Our services include:

Threat assessment
Identifying the types of threats that your organization are most likely to face to enable you to better prioritize your security efforts

Incident Readiness
Helping you build a robust incident response function with a cyber incident response plan and exercises

Playbook development
Developing tailored playbooks for the most relevant threats against your organization

Incident Response
Reactive help to handle the investigation, contain, and respond to cyber security incidents

Incident Response Retainer (IRR)
SLA to guarantee response when an incident occurs

Forensics
Analytical support to find signs of malicious activity or ascertain the extent of compromise using digital forensics and malware analysis

Analyst for hire
Consultant that helps to strengthen your internal operational security capacity

If you need assistance, please call our Cyber Defense Center at +47 91 80 80 30.