Experiencing a

SECURITY BREACH?


1-844-831-7715

(44) 808-234-6353

CTIR Services

Are you experiencing a security

EMERGENCY?

If you’re experiencing a cybersecurity incident, contact Cisco Talos Incident Response immediately.

CTIR emergency experts are available 24-hours a day.

1-844-831-7715

(44) 808-234-6353

Emergency Response

Dynamic threat landscape

Cybersecurity incidents have become a fact of life. Attackers have unlimited tries to breach your network with innumerable tools at their disposal. When your organization is experiencing a cyber-related incident, Cisco Talos Incident Response (CTIR) can help. We mobilize quickly to rectify immediate concerns and contain the threat. CTIR Emergency Response investigations address underlying and root cause issues, remediating the threat, improving security posture and creating a long-term strategy for stronger defense.

Access to Talos' intelligence allows for rapid triage, coordination and execution during a critical response. This is crucial when minutes and seconds mater for a quick, effective recovery.

Different threats require different responses

Your organization, threat, risk tolerance, and specific incident all combine to create a unique situation that requires a tailored approach to resolution.

While every situation is different, our mission is the same: we work with you to coordinate, design and deliver business recovery as quickly as possible.

What does this include?

  • Triage:
    Assess the current situation to initiate and design a response strategy.
  • Coordination:
    Tracking status, action items and compiling intelligence updates to ensure incident handling standards.
  • Investigation:
    Understanding the scope of the attack by deploying the necessary tools, automated and manual log analysis, digital forensics, and reverse engineering malware.
  • Containment:
    Removing the ability for the adversary to continue moving freely in the environment.
  • Remediation:
    Expert guidance on containment and remediation of malware, tools, artifacts and other remnants of the attackers.
  • Final report:
    Upon completion, a robust incident report is generated that includes an incident summary, recap, findings and recommendations.

Emergency Response case study

  • Challenges

    • The customer’s Remote Desktop Protocol (RDP) was open to the internet, even after attempts to close known vulnerabilities.
    • Adversaries exploited a known vulnerability and deployed ransomware, crippling the corporate network and causing considerable downtime for the company and their customers.

  • Solutions

    • Customer had an existing CTIR retainer. As such, CTIR responded within one hour.
    • Collaborative response team included: Talos IR, legal, PR and key security product business units to assist the customer beyond simple threat remediation.

  • Outcomes

    • Customer recovered a week quicker than if they had not had a retainer in place.
    • Reporting highlighted remaining gaps in their security posture and a strategy to address them.
    • Collaborative response strengthened security team’s relationship with the executive team.

Interested in this service?

Reach out to your account team or contact us below.

Security expertise at your fingertips

When you partner with Cisco Talos Incident Response, you ensure your organization has direct access to unique and actionable threat intelligence, world-class emergency response capabilities, and unmatched expertise to help you be prepared for current and future threats.

Interested in this service?

Reach out to your account team or contact us below.