
Page 1: Incident Response & Remediation Advisory › hubfs › assets › data sheets › revsec... · 2020-04-16 · incident response, from identification and analysis through containment,

350 Sentry Parkway | Bldg. 670, Suite 201 | Blue Bell, PA 19422 | 267.664.4200

© 2020 Revolutionary Security, LLC

Attacked? How do you recover?

Proven incident response methodology rooted in industry best practices.

Our incident response activities and advisory support services help organizations recover from cyber-attacks, learn from intelligence gained during an investigation, and improve defensive resiliency moving forward.

Following industry best practices, our teams work closely with you through every stage of incident response, from identification and analysis through containment, remediation, and recovery.

Engagement components include:

• Digital Forensics – Safely and securely extract key artifacts for analysis

• Malware and Artifact Analyses – Produce actionable intelligence and indicators to be used in various response activities

• Incident Root Cause Analysis – Determine why the incident occurred and how the threat actor was able to succeed

• Incident Peer Review – Verify results and findings of active and/or closed investigations

• Incident Report – Summarize investigation and response activities, key artifact analysis, and recommendations

Incident Response & Remediation Advisory

Data Sheet

“2018 alone marked $2.71 billion dollars in victim losses” with respect to incidents reported to the FBI for examination.

Internet Crime Report FBI, 2018

Service Benefits

• Tailored engagement models align to your needs and business objectives

• Incident response analysts with GIAC GCFE, GCFA, GCIA, GCIH, and GREM certifications provide expert guidance and support

• Proven methodology drives recovery and builds proactive capabilities to prevent future attacks

• Swift, decisive engagements return business to normal operating conditions while preserving necessary artifacts for incident reporting and lessons learned


Partner with Revolutionary Security

As a cybersecurity-focused firm, Revolutionary Security is dedicated to helping enterprises outpace cyber threats using proactive defense capabilities. Built on expertise gained defending the world’s largest defense contractor and Fortune 500 critical infrastructure networks from cyber-attacks, our company brings unique cybersecurity experience and unrivaled passion for cyber defense to every engagement.

Incident Response | Operate & Support

Prepare Today for the Incidents of Tomorrow

Contact Revolutionary Security to discuss how to improve your organization’s defensive resiliency. Call 267.664.4200 or visit revsec.com

Approach & Methodology

Six Phases of PICERL Framework

Our incident response engagements utilize the PICERL framework (phases two through six) to enable a structured and thorough approach. This approach drives comprehensive analysis and empowers clients to recover, as well as to mature through the process.

[Figure: the six PICERL phases: 01 Preparation, 02 Identification, 03 Containment, 04 Eradication, 05 Recovery, 06 Lessons Learned]

• Identification – Investigate the threat and extract key pieces of information such as indicators of compromise (IOC) for follow-on response activities

• Containment – Stop the threat from spreading and use IOCs to halt nefarious activities

• Eradication – Safely expel threat actors from your environment while ensuring data preservation using our expert recommendations

• Recovery – Return to normal operating rhythms. Our team provides advisory support for your organization during recovery activities

• Lessons Learned – Debrief to highlight response successes, identify gaps, and assign action items to improve cyber resiliency. Using our structured format and methodology, our experienced team guides you through the process