See-Secure team follows Incident Response Plan, in
which immediately set organizations into a triage process that harnesses
intelligence from See-Secure system and technologies in order to
diagnose the current status and halt attackers in their tracks before
more damage is done. Emergency response services provide remote and
on-site investigation to reduce the impact of an incident on your
organization.
The Incident Response teams draws from a skilled cyber security personal with skills and years of experience that help resolve the incidences, return to normal operations, and prevent incident recurrence while minimizing operational impact.
Our incident response service includes of various techniques such as log analysis, network and systems forensics, advanced malware analysis, and security intelligence to determine the root cause, timeline, and extent of the incident. See-Secure follows generally accepted and experienced forensic producers to collect, preserve and analyze evidence in accordance with the objectives. Our investigators provide management support and communication, empowering your executives to make the right business decisions related to response actions.
See-Secure Provides:
- The response team is available to answer a call immediately (up to one hour) from receiving notice of the incident, 365 days a year around the clock (24/7).
- See-Secure will assist the customer in detecting, investigating, analyzing, containing, and recovering from the incident, for as long as necessary.
- See-Secure will collect all the relevant information and deliver a preliminary analysis of the incident, the type of information at risk, etc. within 5 hours of receiving the incident notice, as well as drafting a preliminary containment and recovery plan (when possible) to reduce to the effect of the initial damage.
- Within 72 hours after receiving the incident notice, The customer will receive a recovery plan(except during a Continuous incident), which will include all actionable operational recommendations to minimize or prevent recurring similar attacks as much as possible. The recommendations will include information on the dimensions of the extent of damage, equipment needed for replacement / repair, etc.
- It is important to understand that sometimes in incident investigation, the root cause or the malicious component cannot be detected or contained. (this usually results in formatting the infected device)
- See-Secure and The customer will decide mutually when an incident is over.
- See-Secure will send its IRT professionals to the customer’s premises on a flight within 48 hours upon mutually agreeing this action is necessary, and upon approval of the traveling and expenses cos