INCIDENT RESPONSE by HACKNOWLEDGE

After an incident is detected, the response must be quick and efficient: the clock is ticking. Hacknowledge security experts from the CSIRT team will help you quickly identify and contain the discovered threat.
 
INCIDENT RESPONSE
 
Once the threat is contained, a meticulous analysis is performed to determine the impacted systems and the entry point of the threat, the patient zero. Together with action-oriented and pragmatic recommendations, this will allow you to identify your weaknesses and remediate them, so that you can recover confident that the same attack will not happen twice.

 


 
 
FORENSIC ANALYSIS
 
If necessary, the Hacknowledge CSIRT team can perform forensic analysis and collect digital evidence with state-of-the-art techniques, ensuring the continuity of the chain of custody for legal proceedings. This goes from the collection of the evidence to the data acquisition and its analysis, using solutions such as write-blockers and trusted forensic analysis tools and procedures.
 
 
INCIDENT PREPARATION
 
To make the incident response as efficient as possible, a pre-incident assessment is performed to identify points that may slow down or interfere with the response when every minute counts.
With this preparation, Hacknowledge engineers will provide you with recommendations to ease the incident response and allow you to be ready to face a security incident.
 
 
CYBER CRISIS MANAGEMENT SUPPORT
 
Beyond technical breach analysis and remediation advice, Hacknowledge will support the customer in crisis handling.
The main objective is to create an effective communication interface between the engineers handling the technical part of the incident response and the customer’s management.
Our crisis consultants will be able to support the customer in managing the cyber crisis:

 

  • Organization of incident response:
  • Kickoff
  • Steering committee
  • Incident debrief
  • Internal and external communication
  • Linking with the appropriate partners for technical, organizational remediation and legal actions
  • Post-crisis remediation follow-up

 
 
PURPLE TEAMING COLLABORATIVE TESTING
 
Purple Teaming is a collaboration between offensive and defensive teams.
The offensive team will follow the cyber kill chain, while the defensive team will try to detect these intrusion attempts, in particular the events related to lateral movement and privilege escalation. The goal is to cut the cyber kill chain short at the earliest stage, preventing the offensive team from reaching the customer's critical assets.
The aim of this new form of assessment is to continuously enhance the customer's security coverage by leveraging the synergy between Hacknowledge's defensive and offensive services, as the defensive team will expand its knowledge of the tactics, techniques and procedures used by real attackers.