350 Sentry Parkway | Bldg. 670, Suite 201 | Blue Bell, PA 19422 | 267.664.4200
© 2020 Revolutionary Security, LLC
Attacked? How do you recover?
Proven incident response methodology rooted in industry best practices.
Our incident response activities and advisory support services help organizations recover from cyber-attacks, learn from intelligence gained during an investigation, and improve defensive resiliency moving forward.
Following industry best practices, our teams work closely with you through every stage of incident response, from identification and analysis through containment, remediation, and recovery.
Engagement components include:
• Digital Forensics – Safely and securely extract key artifacts for analysis
• Malware and Artifact Analyses – Produce actionable intelligence and indicators to be used in various response activities
• Incident Root Cause Analysis – Determine why the incident occurred and how the threat actor was able to succeed
• Incident Peer Review – Verify results and findings of active and/or closed investigations
• Incident Report – Summarize investigation and response activities, key artifact analysis, and recommendations
Incident Response & Remediation Advisory
Data Sheet
“2018 alone marked $2.71 billion dollars in victim losses” with respect to incidents reported to the FBI for examination.
Internet Crime Report, FBI, 2018
Service Benefits
• Tailored engagement models align to your needs and business objectives
• Incident response analysts with GIAC GCFE, GCFA, GCIA, GCIH, and GREM certifications provide expert guidance and support
• Proven methodology drives recovery and builds proactive capabilities to prevent future attacks
• Swift, decisive engagements return business to normal operating conditions while preserving necessary artifacts for incident reporting and lessons learned
Partner with Revolutionary Security
As a cybersecurity-focused firm, Revolutionary Security is dedicated to helping enterprises outpace cyber threats using proactive defense capabilities. Built on expertise gained defending the world’s largest defense contractor and Fortune 500 critical infrastructure networks from cyber-attacks, our company brings unique cybersecurity experience and unrivaled passion for cyber defense to every engagement.
Incident Response | Operate & Support
Prepare Today for the Incidents of Tomorrow
Contact Revolutionary Security to discuss how to improve your organization’s defensive resiliency. Call 267.664.4200 or visit revsec.com
Approach & Methodology
Six Phases of PICERL Framework
Our incident response engagements utilize the PICERL framework (phases two through six) to enable a structured and thorough approach. This approach drives comprehensive analysis and empowers clients to recover, as well as to mature through the process.
[Figure: the six PICERL phases: 01 Preparation, 02 Identification, 03 Containment, 04 Eradication, 05 Recovery, 06 Lessons Learned]
• Identification – Investigate the threat and extract key pieces of information such as indicators of compromise (IOCs) for follow-on response activities
• Containment – Stop the threat from spreading and use IOCs to halt nefarious activities
• Eradication – Safely expel threat actors from your environment while ensuring data preservation using our expert recommendations
• Recovery – Return to normal operating rhythms. Our team provides advisory support for your organization during recovery activities
• Lessons Learned – Debrief to highlight response successes, identify gaps, and assign action items to improve cyber resiliency. Using our structured format and methodology, our experienced team guides you through the process