Response and Forensics
Our consultants specialise in responding to security incidents – containing and eradicating threats, investigating the actions performed by adversaries and assisting clients to become resilient against re-compromise.
Incident Response
Performed by certified, highly skilled responders who have remediated hundreds of incidents successfully.
We provide holistic incident response across all types of security incidents:
- Initial review, assessment and action plan.
- Determine the scope of the incident.
- Timely analysis, containment and eradication.
- Investigation including Network and Host-based forensics.
- Intrusion vector analysis, attack surface hardening and minimisation.
- Assist with corporate crisis response and data breach advisory.
- Executive and Technical reporting and communication.
- Provide immediate, incidental and post-incident long-term recommendations.
If you’re experiencing an incident or suspect that you’ve been compromised, delaying Incident Response increases impact and allows adversaries more time to achieve their aims. Engage professionals as early as possible to help prevent any further damage.
SiegeBrake are available 24/7 within minutes to perform triage, provide assessment and action plan, and facilitate effective remediation and investigation activities.
We also provide Incident Response within Industrial / Critical Infrastructure Operational Technology environments.
Digital Forensic Investigation
- Malicious insider, or suspect an employee of malfeasance?
- Already remediated but need to investigate what actions an adversary took?
- What data did they access? Did they leave any backdoors?
- Notified of a breach / advised to investigate?
If we discover indicators that any threat is still present, we will advise and can shift to Incident Response immediately.
IR Retainer
Attacks such as ransomware aren’t randomly timed; they’re run as campaigns to ensure maximum impact – this means numerous victim organisations are all hit at once.
Incident Response experts will remain part of the skills gap for a considerable time, especially given that there’s only one way to learn – experience. During the peak of these campaigns, organisations discover that they’re not able to find expert assistance because specialists are at full capacity.
An Incident Response Retainer guarantees you’ll always have an expert responder available when you need them most.
SiegeBrake’s retainer is the best value on the market and includes important proactive services free of charge, plus the flexibility to use other services if you don’t use pre-paid hours, including forensics, threat hunting, workshops and penetration testing.
SiegeBrake are available 24/7 within minutes to perform triage, provide assessment and action plan, and facilitate effective remediation and investigation activities.
We also provide IR Retainers for Industrial / Critical Infrastructure Operational Technology environments. Talk to us today.
Ransomware
Adversaries continue to adapt their attacks, pursuing multiple angles of extortion to achieve their aims.
This not only causes productivity losses due to reduced availability of essential systems and data, but also reputational damage and further financial impact through the theft of company data and threats to release it publicly or sell it underground.
We ensure a rapid response is performed to prevent further impact from ransomware, investigate adversary actions, eradicate the breach, discover what data was stolen and provide crisis response and recommendations to management.
SiegeBrake’s Incident Responders are experienced at responding to ransomware incidents and understand adversary tactics, techniques and procedures.
Business Email Compromise
Business Email Compromise incidents have evolved over the years, with compromised organisation accounts being used to stage attacks against partners, suppliers and clients.
This introduces a risk to your business relationships and can end in costly litigation, regulatory notification and non-compliance fines.
We rapidly determine the extent of the compromise, contain and eradicate it, perform an in-depth investigation that determines the root cause and provide reporting that presents the facts.
Post-Incident Inspection
The only thing worse than the impact to services, finances, reputation and litigation issues caused by a security incident is facing another shortly afterwards!
Numerous organisations have suffered re-compromise due to ineffective remediation, with an exponential impact on their reputation as well as increased scrutiny.
SiegeBrake can enable and perform Post-Incident Analysis, regardless of whether we have performed the remediation.
eDiscovery
Are you preparing investigations for litigation, following up on a cyber breach or embarking on mergers and acquisitions?
We help organisations search millions of documents, discover what matters most and see it clearly.
Our eDiscovery organises, processes and searches your documents, leaving only the important ones for your reviewers to analyse. We can cover everything, from emails and images to PDFs and social media messages.
When you need to bolster your in-house resources, we can support you with analysing the documents themselves by providing a partner team of qualified lawyers and/or paralegals.