Global
Incident Response
SecureWorks provides a wide array of Response Services which cover the full spectrum of capabilities from planning and analysis to emergency response and forensics. When a breach happens, SecureWorks can help you minimize damage, recover compromised data and preserve evidence for legal action.
SecureWorks Incident Response Services are available with a retainer contract, allowing clients to use any of our response services at any time with guaranteed availability. Retained Incident Response Services are reserved in advance at a pre-paid rate, making the most of your security dollars.
|
Incident Response Services
|
Response Planning & Analysis
SecureWorks' consultants can work with you to prepare your organization to respond quickly and effectively to security incidents. Key Response Planning & Analysis services include:
Computer Incident Response Plan (CIRP) Development – SecureWorks can assist you in developing a CIRP to allow you to reliably detect and respond to security incidents at both a strategic and tactical level.
CIRP Gap Analysis – Our consultants will review your existing response documentation, capabilities, personnel and procedures and perform a Gap Analysis against best practices and frameworks for compliance and governance.
Logging Configuration Review – SecureWorks will evaluate your logging controls to determine if they are sufficient to support incident investigation and recovery.
Customer Information Disclosure Planning – We will work with you to put in place the right frameworks and documentation necessary to make the most appropriate decisions with respect to customer notification should their information be compromised.
Compliance Integration – Our compliance experts will review your incident response capabilities and help you integrate them with compliance and governance frameworks such as PCI and ISO 27001.
Emergency Response & Recovery
SecureWorks' incident handling and response experts can provide rapid emergency response to contain an incident, mitigate the threat and protect your assets. Key Emergency Response & Recovery services include:
Incident Handling – SecureWorks provides on-site or remote analysis, containment and response to an incident in progress to minimize its impact on your organization. Afterwards, SecureWorks experts work with you and provide recommendations to prevent similar incidents.
Forensic Investigation – Using a variety of professional tools, SecureWorks can capture and analyze data stored on hard drives, mobile phones, PDAs, servers, virtual systems, removable media and other formats in a forensically sound fashion. This can be performed as part of handling an incident to fully understand the scope of a breach or disclosure.
Incident Management – To support your organization’s response efforts, SecureWorks can provide independent and objective advisory services based on evidence collected during incident handling activities to executives, legal counsel, public relations and other key stakeholders to help you manage the cost and impact of a security incident.
Malicious Code Analysis – If your environment has been compromised by malicious code, SecureWorks experts can reverse engineer the code to understand its full purpose and the impact it has on your business and data.
Phishing Takedown – SecureWorks’ security professionals are available 24x7x265 to respond to phishing attacks. Working with key anti-phishing, security organizations and ISPs, we can determine the location of the server hosting the phishing site and have it taken down. Our experts will also continue to monitor the phishing domain and take appropriate action should the phishing site be re-activated.
Response Testing & Capability Analysis
SecureWorks consultants can test and evaluate your incident response plan and how well your team responds to an attack using simulations and other exercises. Regular testing of your CIRP ensures that your team is familiar with procedures and identifies areas in need of improvement.
Walk-Through Exercises – Our incident response experts will review your procedures, design exercises to simulate plausible incidents, conduct the exercises and evaluate your team’s performance. Afterwards, we will provide detailed feedback and recommendations for improvement.
War Gaming – After reviewing your procedures, SecureWorks will create a War Game scenario that is based on the latest trends and threats. This combines testing and training for your incident response team.
