Around the clock service to respond quickly to your potential cybersecurity incidents.
Our Computer Security Incident Response Team service can be called upon either on demand or as part of a prepaid retainer service. The service enables companies to obtain specialized external assistance in the event of cybersecurity incidents.
What is CSIRT?
Beat cybercriminals at their game and get professional assistance in returning to normal operations as soon as possible with the aid of an the Computer Security Incident Response Team (CSIRT). Our intention is to guide you throughout the lifecycle of a cybersecurity incident and to better prepare for future incidents.
CSIRT is available in two flavors:
- On-Demand Service: an on-demand service of the cybersecurity incident response team for customers that do not have a CSIRT contract and have a cybersecurity emergency.
- Retainer Service: an agreement in which an organization pays spotit for several days that can be used to respond to cybersecurity incidents with priority. We offer 3 different packs to suit your needs, in combination with other SOC services or as standalone. The current environment is documented, and procedures are agreed upon in order to allow us to respond to a cybersecurity emergency within the agreed SLA’s.
What are the benefits?
A SOC security expert for technical support and an experienced governance employee that will be responsible for the overall coordination and communication with your management team. Depending on the nature of the incident, an ethical hacker or a DPO may also be part of the team.
Via a questionnaire and a risk impact matrix, our on-duty guard will evaluate the criticality of the incident.
The choice between On-Demand Service and a Prepaid Retainer Service with 3 different packs guarantees a solution for every budget.
What will you get?
- A first analysis and evaluation performed by our on-call duty guard as soon as an incident is reported.
- Guidance through the containment, elimination and recovery process by our CSIRT Team, remotely or on-site.
- A lessons learned meeting when the recovery phase has been reached in order to agree upon an improvement action plan for future cybersecurity incidents.
- A daily incident status report.
How do we work?
- Analysis and evaluation of the incident.
- Application of existing and proven incident response frameworks.
- Putting together the experienced expert team for your incident.
- Containment, elimination and recovery process.
- Lessons learned meeting and discussing the improvement action plan.
Why is this a priority?
A cybersecurity incident can happen at any time. Whether it’s an incident where a cybercriminal demands bitcoins following a successful ransomware attack or incidents such as nation- or international-wide attacks, our emergency service guarantees a quick response to limit the potential damage to your organization.