Contact Us
Emergency Response & Recovery
When your IT assets are under attack, rapid and thorough response is essential to minimizing the threat and safeguarding critical systems and data. With over 10 years’ experience assessing and mitigating attacks on organizations of all sizes, SecureWorks can help you effectively manage security incidents and minimize their impact on your business.
SecureWorks Emergency Response Services are available with a retainer contract, allowing clients to use any of our response services at any time with guaranteed availability. Retained Emergency Response Services are reserved in advance at a pre-paid rate, making the most of your security dollars.
|
Emergency Response Services
|
Incident Handling
Time is of the essence during a security incident. How quickly and thoroughly your organization responds significantly affects the scope and total cost of an attack. Swift and professional response will limit the scope of an incident and minimize the cost of a breach.
SecureWorks provides rapid response to assess, contain and mitigate attacks against your organization. Once an incident is declared, our certified incident handlers will begin working with you to analyze the threat, understand the true scope and take the appropriate steps to contain and eliminate the source. Afterwards, SecureWorks will review and document the response process and provide recommendations to prevent incidents and improve response in the future. SecureWorks will also produce a post-incident report with a jargon-free executive summary that discusses the security, business and compliance impacts on your organization.
Forensic Investigation
Determining the source and full extent of a breach is vital to containing the incident and addressing the root cause. In many cases, this can only be accomplished with in-depth Forensic Investigation. Proper forensic investigation of data storage devices also adheres to standards of evidence, providing legally admissible proof for criminal proceedings. Additionally, if you suspect sensitive data has been compromised but you do not have sufficient evidence to declare an incident, proper forensic investigation can help you confirm or refute that a breach has occurred.
If your organization has become a victim of a security breach — or suspects a breach has occurred — SecureWorks’ professionals can move quickly to capture and analyze data stored in hard drives, CDs, DVDs, thumb drives and other media formats. Following evidentiary procedures to ensure integrity and admissibility, our team will thoroughly investigate the incident while keeping you informed of all results. Forensic Investigation can be performed as part of Incident Handling or performed independently depending on your needs.
Malicious Code Analysis
Determining the full impact of a security incident requires detailed understanding of the full purpose and objectives of the attack. In some cases, such as targeted attacks using customized malware, this requires expert analysis of the malicious code involved.
If your environment has been compromised by malware, SecureWorks experts can reverse engineer the malicious code to reveal its intent and its true effects on your organization. This can be provided as part of our Incident Handling and Forensic Investigation services.
Incident Management
In addition to rapid response to contain and stop incidents, many critical decisions must be made to help you manage the cost and impact of a security breach on your business. Responding to incidents involves many stakeholders outside of the IT department who must also be involved in the incident management process, including executive teams, legal counsel, public relations, etc. This is especially important in cases where the type of data compromised, such as customer records or sensitive financial information, mandates the fulfillment of legal and/or fiduciary obligations.
To support incident management within your organization, SecureWorks can provide independent and objective advisory services based on evidence collected during incident handling. Working with the proper stakeholders within your organization, we can help you manage the cost and impact of a security incident on your business.
Phishing Takedown
Phishing attacks rely on increasingly sophisticated email scams and fraudulent websites to socially engineer your customers and employees into divulging sensitive data such as account numbers and authentication credentials. Because the fraudulent websites are operation outside of your network – often in foreign regions of the world – shutting them down and ending the threat to your business requires strong relationships with ISPs and key international organizations.
If your organization is being targeted by phishing attacks, SecureWorks is available 24x7x365 to recommend, coordinate, manage and facilitate an appropriate selection of countermeasures including taking down the phishing site. Our staff has foreign language translation capabilities that cover 78% of all Phishing incidents. We work with key anti-phishing and security organizations including FIRST (the Forum of Incident Response and Security Teams; SecureWorks is a full member), the United States FBI and Secret Service, CERT (Computer Emergency Readiness Team), and the Anti-Phishing working group. We also work with local and foreign ISP’s, foreign law enforcement, and vendors.
