SecureWorks Launches Emergency Cyber Incident Response for Clients Deploying on Amazon Web Services

ATLANTA, Oct. 5, 2015 -- SecureWorks, consistently recognized by industry analysts as a leading provider for cybersecurity services, today announced a new on-demand Emergency Cyber Incident Response (ECIR) capability for clients deploying assets on Amazon Web Services (AWS).

The new offering from SecureWorks is in response to the growing enterprise adoption of production workloads on AWS and the customer demand for on-demand incident response solutions that are optimized for the dynamic and agile operating environment of the cloud.

Designed and refined through collaboration with AWS, SecureWorks' Emergency Cyber Incident Response helps organizations investigate cyber incidents affecting their assets deployed on the AWS Cloud. Though cloud infrastructure does not change the fundamentals of incident response and digital forensics, cloud infrastructure requires modifications to the process for efficient and effective containment, mitigation, data collection, and analysis within the cloud. For example, AWS provides unique methods to contain compromised instances and credentials, mitigate propagation of threats, snapshot and collect data, and quickly stand up resources for analysis. As a result, SecureWorks has codified these techniques in order to perform highly efficient and scalable cyber incident response investigations.

“Our Incident Response team is comprised of an elite group of individuals with backgrounds in cyber investigations, technical analysis, research, and crisis management spanning national, military, and organizational Computer Security Incident Response Teams (CSIRTs), as well as law enforcement agencies,” said Jeffrey Carpenter, director of the Incident Response and Digital Forensics practice at SecureWorks.

Since 2008, SecureWorks has offered an Incident Management Retainer that expedites responses to cyber incidents. Within four hours of receiving an incident report from a retainer client (which may be conveniently reported via the SecureWorks IR Hotline or online Client Portal), the SecureWorks Incident Response team initiates remote response support and takes action on a mutually defined scope of tasks. If necessary, incident responders can be onsite within 36 hours for locations within the U.S. and UK and in transit within 48 hours for other international locations. As an added benefit, retainer hours may also be used for response plan reviews, testing exercises, and a wide variety of other Incident Management services at any time during the term of the contract.

Since 2005, SecureWorks' expertise in incident response has been recognized by the following industry and government organizations:

  • Accepted as a member of the Forum of Incident Response and Security Teams (FIRST);
  • Approved by the Payment Card Industry (PCI) Security Standards Council (SSC) as a PCI Forensic Investigator (PFI);
  • Accredited by the Government Communications Headquarters (GCHQ) Communications-Electronics Security Group (CESG) and the Centre for Protection of National Infrastructure (CPNI) as a Cyber Incident Response (CIR) scheme provider; and,
  • Accredited by the National Security Agency/Information Assurance Directorate (NSA/IAD) as a Cyber Incident Response Assistance (CIRA) service provider under the NSA/IAD National Security Cyber Assistance Program (NSCAP).

“We are honored to complement the expertise of the AWS Security Team by providing resources to clients that need additional investigative support,” said Carpenter. “As more organizations deploy production applications and business critical data in cloud computing environments, it is critical that they protect these assets as much as they protect information hosted onsite.”

About SecureWorks

Recognized as an industry leader by top analysts, SecureWorks provides world-class information security services to help organizations of all sizes protect their IT assets, comply with regulations, and reduce security costs. For more information, visit

Dell World

Join us Oct. 20-22 at Dell World 2015, Dell’s flagship event bringing together technology and business professionals to network, share ideas and help co-create a better future. Learn more and follow #DellWorld on Twitter.

Dell is a trademark of Dell Inc.

Dell disclaims any proprietary interest in the marks and names of others.

Media Contacts

Elizabeth Clarke | SecureWorks | (404)486-4492 | [email protected]


See for yourself: Request your demo to see how Taegis can reduce risk, optimize existing security investments, and fill talent gaps.