INCIDENT RESPONSE (CIRT)
GuardSight BreachMasters® incident response services enable organizations to address critical asset compromise, assess current processes and train staff to identify and respond to cyber threat.
PREPARATION & IDENTIFICATION
Analysts assist with planning, readiness, tabletop exercises (TTX), and provide severity assessment, and cyberweapons deployment directives.
Analysts assist with defining and achieving critical asset Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).
QRF response for determining the impact, investigating the root cause, containing attacks at the early stages, assessing required force, and issuing courses of action for ongoing containment.
Evidence collection best practices, virtual evidence lockers for storage and protect evidence, journaling of collection activities, and chain of custody management.
Analysts confirm aggressor termination, verification of remediation of vulnerabilities, and assert the application of mitigating controls to prevent further intrusion.
AFTER ACTION REPORTING
Comprehensive reporting of attack and response sequences, indicators of compromise, kill chain, courses of action, and Opportunities For Imp