IT-related tasks delivered to rebuild and/or harden all network elements including Firewalls, Active Directory, Servers, Workstations needed for normal operation.
Managed, Detections (Active Monitoring)
• Constant support to improve readiness for cyber attacks
• 24x7 Alerts Monitoring & Notifications
• Triage: Qualification & Validation of Alerts
SOC (MDR) ✓
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓
Response
Block suspicious activities on specific compromised hosts; respond via remote access and explore via scripts; quarantine suspicious messages and network-contain specific hosts
Network-wide attack vector investigation, including:
• Search for suspicious events, artifacts and IOAs.
• Remove planted persistence, malware artifacts and malware-less activities on all endpoints, servers and networking equipment, including AD & FW.
SOC (MDR) ✖
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓
Comprehensive Incident Response (IR)
Advisory to top management regarding common dilemmas in multiple critical aspects during and after the attack, i.e.:
• Status and information sharing during and after the attack with Employees/Customers/Suppliers/Media/Law Enforcement...
• Operational decision on whether to shut down part or all of the operation during the attack, in parallel to our IR process
• Ransomware negotiation with hackers