Security incident response

Information Security Incident ordinary refers to an event which appears to be a breach of Information Security safeguards and could result in losses or other issues. It is quite possible that security incident is a result of a Computer Crime.

Here are some examples of security incidents:

• Website attacks (defacement, cross-site scripting, code injection, cookie poisoning etc)
• Unauthorized access (password interception and guessing attacks)
• Malware attacks (Trojans, spyware, viruses, worms, etc);
• Denial of service attacks (DOS, DDOS, DrDOS);
• Internet attacks (Spam, phishing, DNS record manipulation, etc).

Before computer crime or security incident occur a wired range of security measures and techniques could be used to prevent it and one of best solutions is to implement a Security Incident Response Team (SIRT).

Generally SIRT is not just a team of IT security professionals – it’s a process aimed to timely and properly react, evaluate the impact, categories and analyze the information security incident, moreover in case of computer crime SIRT plays a role of first response and needs properly secure the crime scene and maintain “Chain of Custody” before investigators will be involved.

For this reason Group-IB provides a wired range of SIRT services, which includes:

• Development and implementation of SIRT process in your organization;
• Training of your staff on SIRT process;
• Outsourcing SIRT for your organization;
• Emergency 24h, 7d/w, 365 d/y response on SIRT requests for Computer Crimes investigation.

Moreover we are on approbation stage to become a CERT in Russian Federation. If you are interested in Security Incident Response Team (SIRT) services, please contact:

Phone: +7 (495) 661-55-38 multichannel

E-mail: cci@group-ib.ru