THINK YOU’VE BEEN HACKED?
First thing to do is not panic. LRQA Nettitude’s experienced Incident Response Team are here to help. Simply contain the incident and contact us ASAP. We will work with you to ensure that your containment has worked and then methodically work through the investigation, recovery, and remediation aspects of the incident until it is fully resolved.
LRQA Nettitude’s Emergency Incident Response Team have consistently found mishandling the incident typically leads to crucial evidence being destroyed thus extending the time to full resolution. You should contact us immediately for swift and decisive action. When you call us, we will follow these steps:
- Engage – We will engage with you to quickly understand the problem and what actions you have taken.
- Contain – We will advise you on how best to contain the compromise to prevent further damage.
- Investigate – Our expert and experienced Incident Responders will conduct a thorough investigation of the compromise to understand the scope, impact, and cause of the incident.
- Remediate – Once we have established the cause of the incident, we will provide advice on how to immediately prevent the incident re-occurring
- Recover – We will work with you to recover systems and return them Business-As-Usual.
- De-Brief – Once you have returned to Business-As-Usual we will perform a full de-brief to identify how to improve your cyber emergency response to any future compromises.
Evidence identification – We will identify the appropriate log/data sources to analyse.
Software provision – We will provide you with free, easy-to-deploy software to facilitate the recovery of critical forensic artefacts on impacted systems.
Specialist Skills – LRQA Nettitude will draw on a wide range of specialist skills in order to investigate and resolve the incident including: Malware analysis, Threat Intelligence, and Digital Forensics.
Reporting – LRQA Nettitude will supply you with a technical report which will record the results of investigation and our recommendations to mature your ability to respond to incidents going forwards.
Why LRQA Nettitude?
1. Industry Accreditations – LRQA Nettitude are one of only a handful of cyber security companies that hold the full range of CREST certifications across all cyber security domains.
2. Industry Reputation –LRQA Nettitude have been recognised within the industry as a leading cyber security provider (LogRhythm MSSP of the year 2021, Cyber Security Services Provider of the year 2016, etc.). LRQA Nettitude actively contributes to many industry and government forums and working groups where the future standards and direction are formed.
3. Deep grasp of offensive and defensive security actions – LRQA Nettitude have some of the industry’s best offensive security experts who know how attackers behave and the types of actions they take. Our Emergency Incident Response Team provides the ability to respond to these – in other words we understand the holistic approach.
4. Zero Day Vulnerability Research – LRQA Nettitude have a dedicated vulnerability research team who find 40-50 zero-day vulnerabilities per annum. This clearly demonstrates that we not only understand vulnerability management but are capable of discovery, reverse engineering and in-depth analysis as required.