Incident Response

Incident Response Services

Our Incident Response service is designed to assist you when an attack or penetration has been discovered within your information system. Our service can be conducted before, during or after the threat has been eradicated, to help you develop a plan of attack and/or procedures to take in order to prevent an attack from occurring in the future.

Contact us now

Why an Incident Response Service from us?

 

Incident Response Services





Our methodology and strategy

We want to provide as much support as possible and aim to accompany you through the process of remediation in the most efficient way. As every attack varies in strategy and intensity, so must the methodology and strategy our teams design to counter each attack. Through this we are able to demonstrate our expertise and adaptability.

Depending on the situation:

  • We can either conduct the service remotely (for example, in the case of a compromised externally-hosted server), and/or conduct the service on site (the more common approach, which is necessary when the compromise has occurred on a local/internal system).
  • The approach can either be detailed, (for example, forensic analysis of………) or be more globa (in the event of a widespread compromise.

Regardless of the approach taken, our teams will work together with yours for a relevant and pragmatic collaboration.


The objectives of an incident response service can be numerous, including:

  • Identifying the causes of an incident that occurred in the past in order to close the entry points used or verify that no other unauthorised entry points exist.
  • Intervene during a crisis , to guide your teams through deciding which strategy to employ and provide our expertise.
  • Find ways to slow down and eliminate the threat , and then rebuild the information system with increased security.
  • Investigate an element, a set of elements, or an entire network to check whether it has been subject to an ongoing attack.

Technical implications include:

  • Recovering and analysis of system, network and application logs, system artefacts (executed processes, modified elements, etc.), volatile memory, hidden files and folders or any other indicators of compromise (IOCs).
  • Analysis of malicious software: Our consultants have extensive experience in binary analysis (reverse engineering) and are able to analyse threats that are not publicly documented.
  • Assisting in setting up (system, network and application) strengthened configurations (in terms of security).

This service may also interest you:


60x60
Penetration testing

Read more


130x90
Social Engineering and red team services

Read more


130x90
Security audits

Read more


Why choose SSL247®?

SSL247® has over 12 years of experience and expertise in the web security industry and numerous accreditations such as the EMEA Symantec Champion Award 2014 and the certification ISO 27001:2013.

Additionally, we have our own department specialised in penetration testing and security audits. Our team is composed of experts that are certified and well-known in the IT security arena (OSCP, OSCE et OPST).

Contact us

For more information on how our security services can benefit your business, get in touch with one of our accredited consultants:

914 142 288
sales@ssl247.pt